package avicit.im.lantop.basic.archiveclassmanager.action.service.impl;

import avicit.cbb.billdefine.service.BillDefineManagerIntfsService;
import avicit.cbb.tabledefine.service.CommTableManagerIntfsService;
import avicit.im.lantop.common.StringUtil;
import avicit.im.lantop.userauthset.domain.LantopUserAuthExtendData;
import avicit.im.lantop.userauthset.service.UserAuthIntfsService;
import avicit.platform6.api.syslookup.SysLookupAPI;
import avicit.platform6.api.syslookup.dto.SysLookupSimpleVo;
import avicit.platform6.api.syslookup.impl.SysLookupAPImpl;
import avicit.platform6.api.sysuser.SysUserAPI;
import avicit.platform6.api.sysuser.dto.SysUser;
import avicit.platform6.commons.utils.ComUtil;
import avicit.platform6.commons.utils.PojoUtil;
import avicit.platform6.core.domain.BeanBase;
import avicit.platform6.core.exception.DaoException;
import avicit.platform6.core.jdbc.JdbcAvicit;
import avicit.platform6.core.properties.PlatformConstant.OpResult;
import avicit.platform6.core.properties.PlatformConstant.OpType;
import avicit.platform6.core.service.ServiceBase;
import avicit.platform6.core.spring.SpringFactory;
import avicit.platform6.modules.system.archiveManagerHome.service.ArchiveManagerHomeService;
import avicit.platform6.modules.system.syslog.service.LogBaseFactory;
import avicit.platform6.modules.system.syslog.service.SysLogUtil;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import java.sql.CallableStatement;
import java.sql.Connection;
import java.util.*;

/**
 * <p>金航数码科技有限责任公司</p>
 * <p>作者：张坚</p>
 * <p>邮箱：18629436468@163.com</p>
 * <p>创建时间： 2014-11-24 下午2:02:52 </p>
 * <p>类说明：用户权限设置service类
 * <p>修改记录： </p>
 */
@Service
@SuppressWarnings(value = {"unchecked", "deprecation"})
public class UserAuthIntfsServiceImpl extends ServiceBase implements UserAuthIntfsService {

    @Autowired(required = true)
    private JdbcAvicit jdbcAvicit;
    @Autowired
    private BillDefineManagerIntfsService billDefineManagerIntfsService;
    @Autowired
    private CommTableManagerIntfsService commTableManagerIntfsService;
    @Autowired
    private SysUserAPI sysUserAPI;

    SysLookupAPI upLoader = SpringFactory.getBean(SysLookupAPImpl.class); // 加载通用代码对象

    @Override
    public void delete(BeanBase arg0) throws DaoException {
        // TODO Auto-generated method stub

    }

    @Override
    public void insert(BeanBase arg0) throws DaoException {
        // TODO Auto-generated method stub

    }

    @Override
    public void update(BeanBase arg0) throws DaoException {
        // TODO Auto-generated method stub

    }

    /**
     * 获取数据权限：
     * key=1，则value为可执行的数据where过滤条件
     * key=2，则value为可执行的条目ID串，例如：('8a58bc5d4a5b3022014a5c259c360035','8a58bc184a713f0e014a716c664c000c')
     *
     * @param orgId：组织ID
     * @param deptId：部门ID
     * @param sysId：系统标识ID
     * @param targetType：权限设置目标类型。1.角色(role)；2.部门(dept)；3.用户(user)；；4.岗位(job)。
     * @param targetID：权限设置目标ID
     * @param serverId：权限服务ID-LANTOP_AUTH_SERVER_USERSET
     * @param archiveClassId：节点ID
     * @param archiveTableId：档案库表ID
     * @param modelSqlWhere:模块本身的业务逻辑sql条件，包括查询条件。
     * @return
     * @throws Exception Map<String,String>
     * @author 路永刚
     */
    @Override
    public Map<String, String> getUserAuthDatasByIntfs(String orgId, String deptId, String sysId, String targetType, String targetId, String serverId, String archiveClassId, String archiveTableId, String modelSqlWhere, Map<String, Object> param) throws Exception {
        // targetType 1 角色 2部门 3用户 4岗位
        Map<String, String> map = this.getUserAuthDatasByIntfsChild(orgId, deptId, sysId, "3", targetId, serverId, archiveClassId, archiveTableId, modelSqlWhere, param);
        Map<String, String> authMap = new HashMap<String, String>();
        String sql = map.get("SQL");
        authMap.put("SQL", " AND (" + sql + ")");
        return authMap;
    }

    /**
     * 获取用户数据权限中其中一个维度的权限SQL
     * 根据用户获得权限SQL
     *
     * @param orgId
     * @param deptId
     * @param sysId
     * @param targetType
     * @param targetId
     * @param serverId
     * @param archiveClassId
     * @param archiveTableId
     * @param modelSqlWhere
     * @param param
     * @return
     * @throws Exception Map<String,String>
     * @author 张坚
     */
    public Map<String, String> getUserAuthDatasByIntfsChild(String orgId, String deptId, String sysId, String targetType, String targetId, String serverId, String archiveClassId, String archiveTableId, String modelSqlWhere, Map<String, Object> param) throws Exception {
        String userSecretLevel = "1";
        if (null != param && param.containsKey("userSecretLevel")) {
            userSecretLevel = (String) param.get("userSecretLevel"); // 用户密级
        }
        String isEnable = "";
        String tableName = "";
        if (null != param && param.containsKey("isEnable")) {
            isEnable = (String) param.get("isEnable"); // 是否启用条件前缀加表名
            if ("Y".equals(isEnable)) {
                List<Map<String, Object>> tableList = commTableManagerIntfsService.getCbbTableAndColumnsByTabIdByIntfs(archiveTableId);
                if (tableList.size() > 0) {
                    Map<String, Object> tableMap = tableList.get(0);
                    tableName = (String) tableMap.get("TABLE_NAME");
                }
            }
        }
        String orgIdentity = "";
        if (null != param && param.containsKey("orgIdentity")) {
            orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
            if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                orgIdentity = orgId;
            }
        } else {
            orgIdentity = orgId;
        }

        Map<String, String> map = new HashMap<String, String>();
        StringBuffer sbSql2 = new StringBuffer();
        sbSql2.append("SELECT OPERATE_AUTH,TARGET_TYPE ");
        sbSql2.append("    FROM CBB_AUTH_RESOURCE CART ");

        sbSql2.append("   WHERE ");
        // 张余----修改
        // 用户维度
        sbSql2.append(" ((CART.TARGET_ID = '" + targetId + "'  ");
        sbSql2.append("                 AND CART.TARGET_TYPE = '3' ) ");

        // 角色维度
        sbSql2.append("  OR ( ");
        sbSql2.append("  	  CART.TARGET_TYPE = '1' ");
        sbSql2.append("  	AND EXISTS(");
        sbSql2.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T  ");
        sbSql2.append("                   WHERE T.SYS_ROLE_ID = CART.TARGET_ID  ");
        sbSql2.append("     				AND T.SYS_USER_ID = '" + targetId + "'");
        sbSql2.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql2.append("     		  ) ");
        sbSql2.append("     ) ");

        // 部门维度
        sbSql2.append("  OR ( ");
        sbSql2.append("  	  CART.TARGET_TYPE = '2' ");
        sbSql2.append("  	AND EXISTS(");
        sbSql2.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        sbSql2.append("                   WHERE T.DEPT_ID = CART.TARGET_ID  ");
        sbSql2.append("     				AND T.USER_ID = '" + targetId + "'");
        sbSql2.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql2.append("     		  ) ");
        sbSql2.append("     ) ");

        // 岗位维度
        sbSql2.append("  OR ( ");
        sbSql2.append("  	  CART.TARGET_TYPE = '4' ");
        sbSql2.append("  	AND EXISTS(");
        sbSql2.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        sbSql2.append("                   WHERE T.POSITION_ID = CART.TARGET_ID  ");
        sbSql2.append("     				AND T.USER_ID = '" + targetId + "'");
        sbSql2.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql2.append("     		  ) ");
        sbSql2.append("     )) ");

        // 张余----修改
        sbSql2.append("     AND CART.ORG_ID = '" + orgId + "' ");
        sbSql2.append("     AND CART.SYS_ID = '" + sysId + "' ");
        sbSql2.append("     AND CART.AUTH_SERVICE_ID = '" + serverId + "' ");
        sbSql2.append("     AND CART.OPERATE_AUTH LIKE '1,%'");
        sbSql2.append("     AND CART.CODE = '" + archiveClassId + "' ");
        List<Map<String, Object>> authList = this.jdbcAvicit.queryForMap(sbSql2.toString(), null);
        String auth = "0"; // 没有浏览权限
        String targetTypes = "";// 有浏览权限的维度，以，分割
        if (null != authList && authList.size() > 0) {
            auth = "1"; // 有浏览权限
        }
        for (Map<String, Object> authMap : authList) {
            Object type = authMap.get("TARGET_TYPE");
            if (null != type && !type.equals("")) {
                if (targetTypes.equals("")) {
                    targetTypes = type.toString();
                } else {
                    targetTypes = targetTypes + "," + type.toString();
                }
            }
        }
        // 通过tableId获取模板节点信息
        String classSql = "SELECT * FROM LANTOP_ARCHIVE_CLASS T WHERE EXISTS(SELECT NODE_ID FROM CBB_TAB_NODE WHERE TABLE_ID = '" + archiveTableId + "' AND T.ID = NODE_ID )";
        List<Map<String, Object>> classList = this.jdbcAvicit.getJdbcTemplate().queryForList(classSql);
        String archiveType = "";
        for (int i = 0; i < classList.size(); i++) {
            Map<String, Object> classMap = classList.get(i);
            // 获取档案类型
            String type = (String) classMap.get("ARCHIVE_TYPE");
            if (null != type) {
                archiveType = type;
                break;
            }
        }
        // 判断档案类型是否为文件类型,如果是文件类型则给权限赋值1(1为有权限浏览)
        if (!"".equals(archiveType)) {
            if ("1".equals(archiveType) || "6".equals(archiveType)) {
                auth = "1";
            }
        }
        map.put("3", auth);

        // 条目权限设置数据
        StringBuffer sbSql = new StringBuffer();
        sbSql.append("SELECT T.RES_CODE,T.RCD_DATA_TYPE ");
        sbSql.append("  FROM LANTOP_USER_AUTH_EXTEND_DATA T ");
        sbSql.append(" WHERE T.ORG_ID = '" + orgId + "'");
        sbSql.append("   AND T.SYS_ID = '" + sysId + "'");
        sbSql.append("   AND T.AUTH_SERVICE_ID = '" + serverId + "'");
        sbSql.append("   AND T.OPERATE_AUTH LIKE '1,%'");
        // 2015-12-28，修改内容：条目权限控制新增根据授权时间范围进行控制
        sbSql.append("   AND (T.START_DATE <= ");
        sbSql.append("       to_date(to_char(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR ");
        sbSql.append("       T.START_DATE IS NULL) ");
        sbSql.append("   AND (T.END_DATE >= to_date(to_char(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR ");
        sbSql.append("       T.END_DATE IS NULL)");

        // 张余----修改
        // 用户维度
        sbSql.append(" AND ((T.TARGET_ID = '" + targetId + "'  ");
        sbSql.append("                 AND T.TARGET_TYPE = '3' ) ");
        // 角色维度
        sbSql.append("  OR ( ");
        sbSql.append("  	  T.TARGET_TYPE = '1' ");
        sbSql.append("  	AND EXISTS(");
        sbSql.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T1  ");
        sbSql.append("                   WHERE T1.SYS_ROLE_ID = T.TARGET_ID  ");
        sbSql.append("     				AND T1.SYS_USER_ID = '" + targetId + "'");
        sbSql.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql.append("     		  ) ");
        sbSql.append("     ) ");

        // 部门维度
        sbSql.append("  OR ( ");
        sbSql.append("  	  T.TARGET_TYPE = '2' ");
        sbSql.append("  	AND EXISTS(");
        sbSql.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T1 ");
        sbSql.append("                   WHERE T1.DEPT_ID = T.TARGET_ID  ");
        sbSql.append("     				AND T1.USER_ID = '" + targetId + "'");
        sbSql.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql.append("     		  ) ");
        sbSql.append("     ) ");

        // 岗位维度
        sbSql.append("  OR ( ");
        sbSql.append("  	  T.TARGET_TYPE = '4' ");
        sbSql.append("  	AND EXISTS(");
        sbSql.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T1 ");
        sbSql.append("                   WHERE T1.POSITION_ID = T.TARGET_ID  ");
        sbSql.append("     				AND T1.USER_ID = '" + targetId + "'");
        sbSql.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql.append("     		  ) ");
        sbSql.append("     )) ");
        // 张余----修改

        sbSql.append("   AND T.ARCHIVE_CLASS_ID = '" + archiveClassId + "'");
        List<Map<String, Object>> entryList = this.jdbcAvicit.queryForMap(sbSql.toString(), null);
        if (entryList != null && entryList.size() > 0) {
            String ids = "";
            //String attaIds = "";
            for (Map<String, Object> mapList : entryList) {
                String type = mapList.get("RCD_DATA_TYPE").toString();
                String resCode = mapList.get("RES_CODE").toString();
                if (type.equals("0")) {
                    //attaIds += "," + resCode;
                } else {
                    ids += "," + resCode;
                }

            }
            StringBuffer query = new StringBuffer();
            query.append(" WITH T1 AS (" + sbSql + ") ");
            query.append(" SELECT CONCAT_CLOB_F(T.PARENT_REGISTER_ID) IDS FROM  SYS_ATTACHMENT T \n");
            query.append(" WHERE EXISTS( SELECT RES_CODE FROM T1 WHERE T1.RES_CODE = T.ID AND T1.RCD_DATA_TYPE = '0' ) \n");
            query.append("  ORDER BY T.CREATION_DATE DESC \n");
            List<Map<String, Object>> listSysAtt = this.jdbcAvicit.queryForMap(query.toString(), null);
            if (null != listSysAtt && listSysAtt.size() > 0) {
                String aids = (String) listSysAtt.get(0).get("IDS");
                ids = aids + ids;
            }

            ids = "('" + ids + "')";
            ids = ids.replace(",", "','");
            map.put("2", ids);
        } else {
            map.put("2", "");
        }
        if (null != authList && authList.size() > 0) {
            // 条件设置
            StringBuffer sbSql1 = new StringBuffer();
            sbSql1.append("SELECT ID, DATA_AUTH,TARGET_TYPE ");
            sbSql1.append("  FROM CBB_AUTH_RESOURCE T ");
            sbSql1.append(" WHERE T.ORG_ID = '" + orgId + "'");
            sbSql1.append("   AND T.SYS_ID = '" + sysId + "'");

            // 张余----修改
            // 用户维度
            sbSql1.append(" AND ((T.TARGET_ID = '" + targetId + "'  ");
            sbSql1.append("                 AND T.TARGET_TYPE = '3' ) ");

            // 角色维度
            sbSql1.append("  OR ( ");
            sbSql1.append("  	  T.TARGET_TYPE = '1' ");
            sbSql1.append("  	AND EXISTS(");
            sbSql1.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T1  ");
            sbSql1.append("                   WHERE T1.SYS_ROLE_ID = T.TARGET_ID  ");
            sbSql1.append("     				AND T1.SYS_USER_ID = '" + targetId + "'");
            sbSql1.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
            sbSql1.append("     		  ) ");
            sbSql1.append("     ) ");

            // 部门维度
            sbSql1.append("  OR ( ");
            sbSql1.append("  	  T.TARGET_TYPE = '2' ");
            sbSql1.append("  	AND EXISTS(");
            sbSql1.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T1 ");
            sbSql1.append("                   WHERE T1.DEPT_ID = T.TARGET_ID  ");
            sbSql1.append("     				AND T1.USER_ID = '" + targetId + "'");
            sbSql1.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
            sbSql1.append("     		  ) ");
            sbSql1.append("     ) ");

            // 岗位维度
            sbSql1.append("  OR ( ");
            sbSql1.append("  	  T.TARGET_TYPE = '4' ");
            sbSql1.append("  	AND EXISTS(");
            sbSql1.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T1 ");
            sbSql1.append("                   WHERE T1.POSITION_ID = T.TARGET_ID  ");
            sbSql1.append("     				AND T1.USER_ID = '" + targetId + "'");
            sbSql1.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
            sbSql1.append("     		  ) ");
            sbSql1.append("     )) ");
            // 张余----修改

            sbSql1.append("   AND T.AUTH_SERVICE_ID = '" + serverId + "'");
            sbSql1.append("   AND T.OPERATE_AUTH = '1'");
            sbSql1.append("   AND T.ACTION_TYPE = 'A1' ");
            sbSql1.append("   AND T.CODE = '" + archiveClassId + "_" + archiveTableId + "'");
            List<Map<String, Object>> qualificationList = this.jdbcAvicit.queryForMap(sbSql1.toString(), null);
            if (null != qualificationList && qualificationList.size() > 0) {
                StringBuffer allAuth = new StringBuffer();
                String userAuth = " 1=1 ";
                String roleAuth = " 1=1 ";
                String deptAuth = " 1=1 ";
                String positionAuth = " 1=1 ";

                if ("Y".equals(isEnable)) {
                    for (Map<String, Object> mapAuth : qualificationList) {
                        Object tagertType = mapAuth.get("TARGET_TYPE");
                        Object id = mapAuth.get("ID");
                        String authSql = "";
                        if (null != id && !id.equals("")) {
                            StringBuffer searchAuthConditionSql = new StringBuffer();
                            searchAuthConditionSql.append("SELECT * FROM LANTOP_USER_AUTH_CONDITION \n");
                            searchAuthConditionSql.append(" WHERE RESOURCE_ID = '" + id + "' \n");
                            searchAuthConditionSql.append(" ORDER BY ORDER_BY ASC \n");
                            List<Map<String, Object>> authConditionDatas = this.jdbcAvicit.getJdbcTemplate().queryForList(searchAuthConditionSql.toString());
                            for (int i = 0; i < authConditionDatas.size(); i++) {
                                Map<String, Object> authConditionMap = authConditionDatas.get(i);
                                authSql += getAuthSqlByConditionMap(authConditionMap, tableName);
                                if (authConditionMap.containsKey("GXF") && null != authConditionMap.get("GXF") && !"".equals(authConditionMap.get("GXF"))) {
                                    authSql += " " + authConditionMap.get("GXF") + " ";
                                }
                            }
                        }
                        if (tagertType != null && !authSql.equals("")) {
                            if (tagertType.equals("1")) {
                                roleAuth = roleAuth + " AND " + authSql;
                            } else if (tagertType.equals("2")) {
                                deptAuth = deptAuth + " AND " + authSql;
                            } else if (tagertType.equals("3")) {
                                userAuth = userAuth + " AND " + authSql;
                            } else if (tagertType.equals("4")) {
                                positionAuth = positionAuth + " AND " + authSql;
                            }
                        }
                    }
                    if (targetTypes.indexOf("1") > -1) {
                        allAuth.append("(" + roleAuth + ")");
                        allAuth.append(" OR ");
                    }
                    if (targetTypes.indexOf("2") > -1) {
                        allAuth.append("(" + deptAuth + ")");
                        allAuth.append(" OR ");
                    }
                    if (targetTypes.indexOf("3") > -1) {
                        allAuth.append("(" + userAuth + ")");
                        allAuth.append(" OR ");
                    }
                    if (targetTypes.indexOf("4") > -1) {
                        allAuth.append("(" + positionAuth + ")");
                        allAuth.append(" OR ");
                    }
                    allAuth.append(" 1=2 ");
                } else {
                    for (Map<String, Object> m : qualificationList) {
                        Object tagertType = m.get("TARGET_TYPE");
                        Object dataAuth = m.get("DATA_AUTH");
                        if (tagertType != null && !dataAuth.equals("")) {
                            if (tagertType.equals("1")) {
                                roleAuth = roleAuth + " AND " + dataAuth;
                            } else if (tagertType.equals("2")) {
                                deptAuth = deptAuth + " AND " + dataAuth;
                            } else if (tagertType.equals("3")) {
                                userAuth = userAuth + " AND " + dataAuth;
                            } else if (tagertType.equals("4")) {
                                positionAuth = positionAuth + " AND " + dataAuth;
                            }
                        }
                    }

                    if (targetTypes.indexOf("1") > -1) {
                        allAuth.append("(" + roleAuth + ")");
                        allAuth.append(" OR ");
                    }
                    if (targetTypes.indexOf("2") > -1) {
                        allAuth.append("(" + deptAuth + ")");
                        allAuth.append(" OR ");
                    }
                    if (targetTypes.indexOf("3") > -1) {
                        allAuth.append("(" + userAuth + ")");
                        allAuth.append(" OR ");
                    }
                    if (targetTypes.indexOf("4") > -1) {
                        allAuth.append("(" + positionAuth + ")");
                        allAuth.append(" OR ");
                    }
                    allAuth.append(" 1=2 ");
                }
                map.put("1", allAuth.toString());
            } else {
                map.put("1", "");
            }
        }

        // 2015-7-20
        String sqlWhere = map.get("1"); // 条件设置
        String entryIds = map.get("2"); // 条目设置
        String authFlag = map.get("3"); // 浏览权限
        StringBuffer authSqlSb = new StringBuffer();
        if (authFlag.equals("0")) {
            // 没有条目浏览权限
            // 设置了条目权限
            if (!entryIds.equals("")) {
                if ("Y".equals(isEnable)) {
                    authSqlSb.append(" " + tableName + ".ID IN ");
                } else {
                    authSqlSb.append(" ID IN ");
                }
                authSqlSb.append(entryIds);
            } else {
                authSqlSb.append(" 1=2 ");
            }
        } else {// 有条目浏览权限
            authSqlSb.append(" 1=1 ");
            // 密级控制
            String sysConfig = this.getMjSysConfigByIntfs(null); // 2为启用目录密级权限控制,4为目录和全文都控制
            if ("2".equals(sysConfig) || "4".equals(sysConfig)) {
                List<String> secrets = new ArrayList<String>();
                // 获取文档密级
                Collection<SysLookupSimpleVo> fileSecretList = upLoader.getLookUpListByType("PLATFORM_FILE_SECRET_LEVEL");
                Iterator<SysLookupSimpleVo> iter = fileSecretList.iterator();
                while (iter.hasNext()) {
                    SysLookupSimpleVo sysLookupSimpleVo = iter.next();
                    boolean isHave = upLoader.isRelation(sysLookupSimpleVo.getLookupCode(), userSecretLevel);
                    if (isHave) {
                        secrets.add(sysLookupSimpleVo.getLookupCode());
                    }
                }
                for (int i = 0; i < secrets.size() - 1; i++) {
                    for (int j = 1; j < secrets.size() - i; j++) {
                        int temp;
                        if ((secrets.get(j - 1)).compareTo(secrets.get(j)) > 0) { // 比较两个整数的大小
                            temp = Integer.parseInt(secrets.get(j - 1));
                            secrets.set((j - 1), secrets.get(j));
                            secrets.set(j, temp + "");
                        }
                    }
                }
                // 设置密级默认值
                int maxSecret = -1;
                // 获取密级最大值
                if (secrets.size() > 0) {
                    maxSecret = Integer.parseInt(secrets.get(secrets.size() - 1));
                }
                if (maxSecret >= 1) {
                    if ("Y".equals(isEnable)) {
                        authSqlSb.append(" AND (" + tableName + ".SECRET_LEVEL <= '" + maxSecret + "' OR " + tableName + ".SECRET_LEVEL IS NULL OR " + tableName + ".SECRET_LEVEL = '') ");
                    } else {
                        authSqlSb.append(" AND (SECRET_LEVEL <= '" + maxSecret + "' OR SECRET_LEVEL IS NULL OR SECRET_LEVEL = '') ");
                    }
                } else {
                    if ("Y".equals(isEnable)) {
                        authSqlSb.append(" AND " + tableName + ".SECRET_LEVEL <= '" + maxSecret + "' ");
                    } else {
                        authSqlSb.append(" AND SECRET_LEVEL <= '" + maxSecret + "' ");
                    }
                }
            }
            // 条件权限
            if (null != sqlWhere && !sqlWhere.equals("")) {
                authSqlSb.append(" AND ( ");
                authSqlSb.append(sqlWhere);
                authSqlSb.append(" ) ");
            }
            // 条目权限
            if (!entryIds.equals("")) {
                if ("Y".equals(isEnable)) {
                    authSqlSb.append(" OR (" + tableName + ".ID IN ");
                } else {
                    authSqlSb.append(" OR (ID IN ");
                }
                authSqlSb.append(entryIds);
                authSqlSb.append(" ");
                authSqlSb.append(modelSqlWhere);
                authSqlSb.append(")");
            }
        }
        String endStr = "";
        if (null != authSqlSb && !"".equals(authSqlSb.toString())) {
            endStr = authSqlSb.toString().substring(authSqlSb.length() - 3, authSqlSb.length());
            if ("AND".equals(endStr) || " OR".equals(endStr)) {
                endStr = authSqlSb.toString().substring(0, authSqlSb.length() - 3);
            } else {
                endStr = authSqlSb.toString();
            }
        }

        map.put("SQL", endStr);
        return map;
    }

    /**
     * 获取可操作的按钮json串
     *
     * @param orgId：组织ID
     * @param deptId：部门ID
     * @param sysId：系统标识ID
     * @param targetType：权限设置目标类型。1.角色(role)；2.部门(dept)；3.用户(user)；；4.岗位(job)。
     * @param targetID：权限设置目标ID
     * @param serverId：权限服务ID
     * @param resCode：档案分类树节点ID
     * @param menuCode：操作按钮所在菜单code
     * @throws Exception String
     * @author 路永刚
     * @return：可操作的按钮json串
     */
    @Override
    public String getUserAuthOperateCodesByIntfs(String orgId, String deptId, String sysId, String targetType, String targetId, String serverId, String resCode, String menuCode) throws Exception {
        StringBuffer sbSql = new StringBuffer();
        orgId = "ORG_ROOT";// 只取根组织的
        // 用户关联的按钮权限
        sbSql.append("SELECT distinct(OPERATE_CODE) FROM (");
        sbSql.append("SELECT LOCI.OPERATE_CODE ");
        sbSql.append(" FROM LANTOP_OPERATE_CLASS LOC ");
        sbSql.append(" INNER JOIN LANTOP_OPERATE_CLASS_ITEM LOCI ");
        sbSql.append("    ON LOC.ID = LOCI.LANTOP_OPERATE_CLASS_ID ");
        sbSql.append(" INNER JOIN SYS_MENU SM ");
        sbSql.append("    ON LOCI.FUNC_MENU_ID = SM.ID ");
        sbSql.append(" WHERE EXISTS (SELECT 1 ");
        sbSql.append("          FROM LANTOP_USER_AUTH_SET_EXTEND LUASE ");
        sbSql.append("         WHERE INSTR(LUASE.REL_TARGET_ID, LOC.ID) > 0 ");
        sbSql.append("           AND LUASE.ORG_ID = '" + orgId + "'");
        sbSql.append("           AND LUASE.SYS_ID = '" + sysId + "'");
        sbSql.append("           AND LUASE.TARGET_TYPE = '3'");
        sbSql.append("            AND LUASE.TARGET_ID = '" + targetId + "'");
        sbSql.append("           AND LUASE.AUTH_SERVICE_ID = '" + serverId + "'");
        sbSql.append("           AND LUASE.RES_CODE = '" + resCode + "'");
        sbSql.append(") AND LOC.OPERATE_CLASS_NAME<>'利用管理员' "); // 20160623 add wangzp (过滤利用管理员权限)
        sbSql.append("    AND SM.CODE = '" + menuCode + "' ");
        // 角色关联的按钮权限
        sbSql.append("UNION ALL ");
        sbSql.append("SELECT LOCI.OPERATE_CODE ");
        sbSql.append("  FROM LANTOP_OPERATE_CLASS LOC ");
        sbSql.append(" INNER JOIN LANTOP_OPERATE_CLASS_ITEM LOCI ");
        sbSql.append("    ON LOC.ID = LOCI.LANTOP_OPERATE_CLASS_ID ");
        sbSql.append(" INNER JOIN SYS_MENU SM ");
        sbSql.append("    ON LOCI.FUNC_MENU_ID = SM.ID ");
        sbSql.append(" WHERE EXISTS (SELECT 1 ");
        sbSql.append("          FROM LANTOP_USER_AUTH_SET_EXTEND LUASE ");
        sbSql.append("         WHERE INSTR(LUASE.REL_TARGET_ID, LOC.ID) > 0 ");
        sbSql.append("           AND LUASE.ORG_ID = '" + orgId + "'");
        sbSql.append("           AND LUASE.SYS_ID = '" + sysId + "'");
        sbSql.append("           AND LUASE.TARGET_TYPE = '1'");
        sbSql.append("           AND EXISTS (SELECT SUG.GROUP_ID FROM SYS_USER_GROUP SUG WHERE LUASE.TARGET_ID = SUG.GROUP_ID AND SUG.USER_ID = '" + targetId + "' )");
        sbSql.append("           AND LUASE.AUTH_SERVICE_ID = '" + serverId + "'");
        sbSql.append("           AND LUASE.RES_CODE = '" + resCode + "'");
        sbSql.append(") AND LOC.OPERATE_CLASS_NAME<>'利用管理员' "); // 20160623 add wangzp (过滤利用管理员权限)
        sbSql.append("  AND SM.CODE = '" + menuCode + "'");
        // 部门关联按钮权限
        sbSql.append("UNION ALL ");
        sbSql.append("SELECT LOCI.OPERATE_CODE ");
        sbSql.append("  FROM LANTOP_OPERATE_CLASS LOC ");
        sbSql.append(" INNER JOIN LANTOP_OPERATE_CLASS_ITEM LOCI ");
        sbSql.append("    ON LOC.ID = LOCI.LANTOP_OPERATE_CLASS_ID ");
        sbSql.append(" INNER JOIN SYS_MENU SM ");
        sbSql.append("    ON LOCI.FUNC_MENU_ID = SM.ID ");
        sbSql.append(" WHERE EXISTS (SELECT 1 ");
        sbSql.append("          FROM LANTOP_USER_AUTH_SET_EXTEND LUASE ");
        sbSql.append("         WHERE INSTR(LUASE.REL_TARGET_ID, LOC.ID) > 0 ");
        sbSql.append("           AND LUASE.ORG_ID = '" + orgId + "'");
        sbSql.append("           AND LUASE.SYS_ID = '" + sysId + "'");
        sbSql.append("           AND LUASE.TARGET_TYPE = '2'");
        sbSql.append("           AND EXISTS (SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V   WHERE LUASE.TARGET_ID = DEPT_ID AND USER_ID = '" + targetId + "' AND ORG_IDENTITY = '" + orgId + "')");
        sbSql.append("           AND LUASE.AUTH_SERVICE_ID = '" + serverId + "'");
        sbSql.append("           AND LUASE.RES_CODE = '" + resCode + "'");
        sbSql.append(") AND LOC.OPERATE_CLASS_NAME<>'利用管理员' "); // 20160623 add wangzp (过滤利用管理员权限)
        sbSql.append("  AND SM.CODE = '" + menuCode + "'");
        // 岗位关联按钮权限
        sbSql.append("UNION ALL ");
        sbSql.append("SELECT LOCI.OPERATE_CODE ");
        sbSql.append("  FROM LANTOP_OPERATE_CLASS LOC ");
        sbSql.append(" INNER JOIN LANTOP_OPERATE_CLASS_ITEM LOCI ");
        sbSql.append("    ON LOC.ID = LOCI.LANTOP_OPERATE_CLASS_ID ");
        sbSql.append(" INNER JOIN SYS_MENU SM ");
        sbSql.append("    ON LOCI.FUNC_MENU_ID = SM.ID ");
        sbSql.append(" WHERE EXISTS (SELECT 1 ");
        sbSql.append("          FROM LANTOP_USER_AUTH_SET_EXTEND LUASE ");
        sbSql.append("         WHERE INSTR(LUASE.REL_TARGET_ID, LOC.ID) > 0 ");
        sbSql.append("           AND LUASE.ORG_ID = '" + orgId + "'");
        sbSql.append("           AND LUASE.SYS_ID = '" + sysId + "'");
        sbSql.append("           AND LUASE.TARGET_TYPE = '4'");
        sbSql.append("           AND EXISTS (SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V   WHERE LUASE.TARGET_ID = POSITION_ID AND USER_ID = '" + targetId + "' AND ORG_IDENTITY = '" + orgId + "')");
        sbSql.append("           AND LUASE.AUTH_SERVICE_ID = '" + serverId + "'");
        sbSql.append("           AND LUASE.RES_CODE = '" + resCode + "'");
        sbSql.append(") AND LOC.OPERATE_CLASS_NAME<>'利用管理员' "); // 20160623 add wangzp (过滤利用管理员权限)
        sbSql.append("  AND SM.CODE = '" + menuCode + "'");
        sbSql.append("   )");

        List<Map<String, Object>> list = this.jdbcAvicit.queryForMap(sbSql.toString(), null);
        if (null != list) {
            Map<String, Object> map = null;
            StringBuffer jsonSb = new StringBuffer();
            jsonSb.append("{");
            for (int i = 0; i < list.size(); i++) {
                map = list.get(i);
                jsonSb.append((String) map.get("OPERATE_CODE"));
                jsonSb.append(":'1',");
            }
            String json = jsonSb.substring(0, jsonSb.length() - 1);
            if (json.length() > 0) {
                json += "}";
            }
            return json;
        }
        return "";
    }

    /**
     * 用户是否设置了操作权限
     *
     * @param orgIdentity                                                      组织应用Id
     * @param orgId：组织ID
     * @param deptId：部门ID
     * @param sysId：系统标识ID
     * @param targetType：权限设置目标类型。1.角色(role)；2.部门(dept)；3.用户(user)；；4.岗位(job)。
     * @param targetID：权限设置目标ID
     * @param serverId：权限服务ID-LANTOP_AUTH_SERVER_USERSET
     * @param archiveClassId：节点ID
     * @return
     * @throws Exception boolean
     * @author 张坚
     */
    @Override
    public String setUserAuthOperatFlag(String orgId, String deptId, String sysId, String targetType, String targetId, String serverId, String archiveClassId, Map<String, Object> params) throws Exception {
        String orgIdentity = "";
        if (null != params && params.containsKey("orgIdentity")) {
            orgIdentity = (String) params.get("orgIdentity"); // 组织应用ID
            if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                orgIdentity = orgId;
            }
        } else {
            orgIdentity = orgId;
        }

        String isSet = "0";
        // 用户设置的操作权限
        StringBuffer sbSql1 = new StringBuffer();
        sbSql1.append("SELECT ID");
        sbSql1.append("  FROM CBB_AUTH_RESOURCE CART");

        // 张余----修改
        sbSql1.append(" WHERE ( ");
        sbSql1.append("   EXISTS (SELECT SYS_ROLE_ID ROLE_ID  FROM SYS_USER_ROLE  WHERE CART.TARGET_ID = SYS_ROLE_ID  AND SYS_USER_ID = '" + targetId + "' AND ORG_IDENTITY = '" + orgIdentity + "' ) ");
        sbSql1.append("   OR CART.TARGET_ID = '" + targetId + "' ");
        sbSql1.append("   OR EXISTS ( SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V   WHERE CART.TARGET_ID = DEPT_ID AND USER_ID = '" + targetId + "' AND ORG_IDENTITY = '" + orgIdentity + "' ) ");
        sbSql1.append("   OR EXISTS ( SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V   WHERE CART.TARGET_ID = POSITION_ID AND  USER_ID = '" + targetId + "' AND ORG_IDENTITY = '" + orgIdentity + "' )");
        sbSql1.append(" )");
        // 张余----修改

        sbSql1.append("   AND CART.ORG_ID = '" + orgId + "'");
        sbSql1.append("   AND CART.SYS_ID = '" + sysId + "'");
        sbSql1.append("   AND CART.AUTH_SERVICE_ID = '" + serverId + "'");
        sbSql1.append("   AND CART.OPERATE_AUTH LIKE '1,%'");
        sbSql1.append("   AND CART.CODE = '" + archiveClassId + "'");

        List<Map<String, Object>> cbbAuthResourceList = this.jdbcAvicit.queryForMap(sbSql1.toString(), null);
        for (int i = 0; i < cbbAuthResourceList.size(); i++) {
            String cbbAuthResourceId = (String) cbbAuthResourceList.get(i).get("ID");
            StringBuffer sbSql2 = new StringBuffer();
            sbSql2.append("SELECT ID ");
            sbSql2.append("  FROM LANTOP_USER_AUTH_SET_EXTEND T ");
            sbSql2.append(" WHERE  T.REL_TARGET_NAME <>'利用管理员'"); // 20160623 add wangzp (过滤利用管理员权限)
            sbSql2.append(" AND T.CBB_AUTH_RESOURCE_ID = '" + cbbAuthResourceId + "'");
            List<Map<String, Object>> lantopUserAuthSetExtendList = this.jdbcAvicit.queryForMap(sbSql2.toString(), null);
            if (null != lantopUserAuthSetExtendList && lantopUserAuthSetExtendList.size() > 0) {
                isSet = "1";
                break;
            }
        }
        return isSet;
    }

    /**
     * 获取没有权限的分类树节点ID串
     *
     * @param param 参数：orgId（组织ID）,deptId（部门ID）,sysId（系统标识ID）,targetId（授权目标ID）,targetType（授权维度标识）
     * @return String 格式：ID1,ID2
     * @throws Exception
     * @author 张坚
     */
    @Override
    public List<String> getNotAuthArchiveClassId(Map<String, Object> param) throws Exception {
        String orgId = (String) param.get("orgId");
        String sysId = (String) param.get("sysId");
        String orgIdentity = "";
        if (null != param && param.containsKey("orgIdentity")) {
            orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
            if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                orgIdentity = orgId;
            }
        } else {
            orgIdentity = orgId;
        }
        String targetId = (String) param.get("targetId");
        StringBuffer sbSql = new StringBuffer();
        sbSql.append("WITH T1 AS ");
        sbSql.append(" (SELECT LAC.ORG_ID, ");
        sbSql.append("         LAC.DEPT_ID, ");
        sbSql.append("         LAC.SYS_ID, ");
        sbSql.append("         LAC.ARCHIVE_CLASS_NODE_NAME, ");
        sbSql.append("         LAC.ARCHIVE_CLASS_NODE_TYPE, ");
        sbSql.append("         LAC.ID, ");
        sbSql.append("         LAC.PARENT_ID, ");
        sbSql.append("         CARU.ID                     AS CBB_AUTH_RESOURCE_ID, ");
        sbSql.append("         CARU.AUTH_SERVICE_ID, ");
        sbSql.append("         CARU.TARGET_TYPE, ");
        sbSql.append("         CARU.TARGET_ID, ");
        sbSql.append("         CARU.CODE                   AS RES_CODE, ");
        sbSql.append("         CARU.NAME                   AS RES_NAME, ");
        sbSql.append("         CARU.ACTION_TYPE, ");
        sbSql.append("         CARU.OPERATE_AUTH, ");
        sbSql.append("         LAC.ARCHIVE_TYPE, ");
        sbSql.append("         CARU.REL_TARGET_ID, ");
        sbSql.append("         CARU.REL_TARGET_NAME ");
        sbSql.append("    FROM LANTOP_ARCHIVE_CLASS LAC ");
        sbSql.append("    LEFT JOIN (SELECT CART.ID, ");
        sbSql.append("                     CART.AUTH_SERVICE_ID, ");
        sbSql.append("                     CART.TARGET_TYPE, ");
        sbSql.append("                     CART.TARGET_ID, ");
        sbSql.append("                     CART.CODE, ");
        sbSql.append("                     CART.NAME, ");
        sbSql.append("                     CART.ACTION_TYPE, ");
        sbSql.append("                     CART.OPERATE_AUTH, ");
        sbSql.append("                     LUASE.REL_TARGET_ID, ");
        sbSql.append("                     LUASE.REL_TARGET_NAME ");
        sbSql.append("                FROM CBB_AUTH_RESOURCE CART ");
        sbSql.append("                LEFT JOIN LANTOP_USER_AUTH_SET_EXTEND LUASE ");
        sbSql.append("                  ON CART.ID = LUASE.CBB_AUTH_RESOURCE_ID ");

        // 张余----修改
        sbSql.append("                 WHERE ( ");
        // 用户维度
        sbSql.append(" (CART.TARGET_ID = '" + targetId + "'  ");
        sbSql.append("                 AND CART.TARGET_TYPE = '3' ) ");
        // 角色维度
        sbSql.append("  OR ( ");
        sbSql.append("  	  CART.TARGET_TYPE = '1' ");
        sbSql.append("  	AND EXISTS(");
        sbSql.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T  ");
        sbSql.append("                   WHERE T.SYS_ROLE_ID = CART.TARGET_ID  ");
        sbSql.append("     				AND T.SYS_USER_ID = '" + targetId + "'");
        sbSql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql.append("     		  ) ");
        sbSql.append("     ) ");

        // 部门维度
        sbSql.append("  OR ( ");
        sbSql.append("  	  CART.TARGET_TYPE = '2' ");
        sbSql.append("  	AND EXISTS(");
        sbSql.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        sbSql.append("                   WHERE T.DEPT_ID = CART.TARGET_ID  ");
        sbSql.append("     				AND T.USER_ID = '" + targetId + "'");
        sbSql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql.append("     		  ) ");
        sbSql.append("     ) ");

        // 岗位维度
        sbSql.append("  OR ( ");
        sbSql.append("  	  CART.TARGET_TYPE = '4' ");
        sbSql.append("  	AND EXISTS(");
        sbSql.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        sbSql.append("                   WHERE T.POSITION_ID = CART.TARGET_ID  ");
        sbSql.append("     				AND T.USER_ID = '" + targetId + "'");
        sbSql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql.append("     		  ) ");
        sbSql.append("     )) ");
        // 张余----修改

        sbSql.append("                 AND CART.ORG_ID = '" + orgId + "' ");
        sbSql.append("                 AND CART.SYS_ID = '" + sysId + "' ");
        sbSql.append("                 AND CART.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' ");
        sbSql.append("                 ) CARU ");
        sbSql.append("      ON LAC.ID = CARU.CODE ");
        sbSql.append("   WHERE LAC.ORG_ID = '" + orgId + "' ");
        sbSql.append("     AND LAC.SYS_ID = '" + sysId + "' ");
        sbSql.append("     AND LAC.ARCHIVE_CLASS_NODE_CODE NOT IN ('BMWJ', 'GRWJ') ");
        sbSql.append(" AND NOT EXISTS ( SELECT T.ID FROM LANTOP_ARCHIVE_CLASS T WHERE T.ID = LAC.ID AND T.ARCHIVE_TYPE = '10' )");
        sbSql.append(" ) ");
        StringBuffer sbSqlSec = new StringBuffer();
        // 2015-12-28，修改内容：没有给该节点授条目浏览权限，但条目权限配置中设置了可以看到该节点下的某些数据，之前实现看不到该节点，这里做了修改
        sbSqlSec.append("SELECT distinct(NODE_ID) IDS");
        sbSqlSec.append("  FROM (SELECT ID NODE_ID ");
        sbSqlSec.append("          FROM T1 ");
        sbSqlSec.append("         START WITH OPERATE_AUTH LIKE '1,%' ");
        sbSqlSec.append("        CONNECT BY PRIOR PARENT_ID = ID ");
        sbSqlSec.append("        UNION ALL ");
        sbSqlSec.append("        SELECT LUAED.ARCHIVE_CLASS_ID NODE_ID ");
        sbSqlSec.append("          FROM LANTOP_USER_AUTH_EXTEND_DATA LUAED");
        sbSqlSec.append(" WHERE LUAED.ORG_ID = '" + orgId + "'");
        sbSqlSec.append("  AND LUAED.SYS_ID = '" + sysId + "'");
        sbSqlSec.append("  AND (LUAED.START_DATE <=");
        sbSqlSec.append("      to_date(to_char(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR");
        sbSqlSec.append("      LUAED.START_DATE IS NULL)");
        sbSqlSec.append("  AND (LUAED.END_DATE >=");
        sbSqlSec.append("      to_date(to_char(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR");
        sbSqlSec.append("      LUAED.END_DATE IS NULL)");
        // 张余-----修改
        // 用户维度
        sbSqlSec.append("  AND ((LUAED.TARGET_ID = '" + targetId + "' ");
        sbSqlSec.append("    		AND LUAED.TARGET_TYPE = '3' ) ");
        // 角色维度
        sbSqlSec.append("  OR (");
        sbSqlSec.append("  	  LUAED.TARGET_TYPE = '1' ");
        sbSqlSec.append("  	AND EXISTS (");
        sbSqlSec.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T  ");
        sbSqlSec.append("                   WHERE T.SYS_ROLE_ID = LUAED.TARGET_ID  ");
        sbSqlSec.append("     				AND T.SYS_USER_ID = '" + targetId + "'");
        sbSqlSec.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSqlSec.append("     		  ) ");
        sbSqlSec.append("     )");

        // 部门维度
        sbSqlSec.append("  OR (");
        sbSqlSec.append("  	  LUAED.TARGET_TYPE = '2' ");
        sbSqlSec.append("  	AND EXISTS (");
        sbSqlSec.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        sbSqlSec.append("                   WHERE T.DEPT_ID = LUAED.TARGET_ID  ");
        sbSqlSec.append("     				AND T.USER_ID = '" + targetId + "'");
        sbSqlSec.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSqlSec.append("     		  ) ");
        sbSqlSec.append("     )");

        // 岗位维度
        sbSqlSec.append("  OR ( ");
        sbSqlSec.append("  	  LUAED.TARGET_TYPE = '4' ");
        sbSqlSec.append("  	AND EXISTS (");
        sbSqlSec.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        sbSqlSec.append("                   WHERE T.POSITION_ID = LUAED.TARGET_ID  ");
        sbSqlSec.append("     				AND T.USER_ID = '" + targetId + "'");
        sbSqlSec.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSqlSec.append("     		  )))) ");
        // 张余-----修改

        List<String> list = new ArrayList<String>();
        list.add(sbSql.toString());
        list.add(sbSqlSec.toString());
        return list;
    }

    /**
     * 获取对记录有查看权限的用户ID串
     *
     * @param param : nodeId,tableId,tableName,recordId
     * @return
     * @throws Exception Map<String, Object>
     * @author 张坚
     */
    @Override
    public Map<String, Object> getUserIdsAuthDatasByRecord(Map<String, Object> param) throws Exception {
        List<Map<String, Object>> recordList = (ArrayList<Map<String, Object>>) param.get("list");

        String orgIdentity = "";
        if (null != param && param.containsKey("orgIdentity")) {
            orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
        }

        // 密级控制
        String sysConfig = this.getMjSysConfigByIntfs(null); // 2为启用目录密级权限控制,4为目录和全文都控制

        Map<String, Object> recordMap = new HashMap<String, Object>();
        for (int i = 0; i < recordList.size(); i++) {
            String nodeId = (String) recordList.get(i).get("nodeId");// 节点ID
            String tableId = (String) recordList.get(i).get("tableId");// 表ID
            String tableName = (String) recordList.get(i).get("tableName");// 表名称
            String recordId = (String) recordList.get(i).get("recordId");// 数据ID

            // 查询有浏览权限用户信息及对应的设置的条件信息
            StringBuffer query = new StringBuffer();
            query.append("WITH T1 AS \n");
            query.append(" (SELECT CAR.TARGET_ID, CAR.TARGET_TYPE, CAR.CODE \n");
            query.append("    FROM CBB_AUTH_RESOURCE CAR \n");
            query.append("   WHERE CAR.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' \n");
            query.append("     AND CAR.OPERATE_AUTH LIKE '1,%' \n");
            query.append("   AND CAR.CODE = '" + nodeId + "' ");
            query.append("   GROUP BY CAR.TARGET_ID, CAR.TARGET_TYPE, CAR.CODE), \n");

            query.append("T2 AS \n");
            query.append(" (SELECT CAR.TARGET_ID, CAR.TARGET_TYPE, CAR.DATA_AUTH, CAR.CODE \n");
            query.append("    FROM CBB_AUTH_RESOURCE CAR \n");
            query.append("   WHERE CAR.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' \n");
            query.append("     AND CAR.OPERATE_AUTH = '1' \n");
            query.append("     AND CAR.ACTION_TYPE = 'A1' \n");
            query.append("   AND CAR.CODE = ");
            query.append("       '" + nodeId + "_" + tableId + "' ");
            query.append("   GROUP BY CAR.TARGET_ID, CAR.TARGET_TYPE, CAR.DATA_AUTH, CAR.CODE), \n");

            query.append("T3 AS \n");
            query.append(" (SELECT T1.TARGET_TYPE, \n");
            query.append("         T1.TARGET_ID, \n");
            query.append("         T2.DATA_AUTH, \n");
            query.append("         T1.CODE        NODE_ID, \n");
            query.append("         T2.CODE        NODE_TABLE_ID \n");
            query.append("    FROM T1 \n");
            query.append("    LEFT JOIN T2 \n");
            query.append("      ON T1.TARGET_ID = T2.TARGET_ID \n");
            query.append("     AND T1.TARGET_TYPE = T2.TARGET_TYPE ),\n");

            query.append("T4 AS \n");
            query.append(" (SELECT T.ID USER_ID, T.SECRET_LEVEL, T3.DATA_AUTH \n");
            query.append("    FROM SYS_USER T \n");
            query.append("    LEFT JOIN T3 \n");
            query.append("      ON T.ID = T3.TARGET_ID \n");
            query.append("   WHERE T3.TARGET_TYPE = '3'), \n");

            query.append("T5 AS \n");
            query.append(" (SELECT T.ID USER_ID, T.SECRET_LEVEL, T3.DATA_AUTH \n");
            query.append("    FROM SYS_USER T \n");
            query.append("    LEFT JOIN SYS_USER_ROLE SR \n");
            query.append("      ON T.ID = SR.SYS_USER_ID \n");
            query.append("    LEFT JOIN T3 \n");
            query.append("      ON SR.SYS_ROLE_ID = T3.TARGET_ID \n");
            query.append("   WHERE T3.TARGET_TYPE = '1' \n");
            query.append("   AND SR.ORG_IDENTITY = '" + orgIdentity + "'), \n");

            query.append("T6 AS \n");
            query.append(" (SELECT T.ID USER_ID, T.SECRET_LEVEL, T3.DATA_AUTH \n");
            query.append("    FROM SYS_USER T \n");
            query.append("    LEFT JOIN BPM_DEF_USER_DEPT_POSITION_V BD \n");
            query.append("      ON BD.USER_ID = T.ID \n");
            query.append("    LEFT JOIN T3 \n");
            query.append("      ON BD.DEPT_ID = T3.TARGET_ID \n");
            query.append("   WHERE T3.TARGET_TYPE = '2' \n");
            query.append("   AND BD.ORG_IDENTITY = '" + orgIdentity + "'), \n");

            query.append("T7 AS \n");
            query.append(" (SELECT T.ID USER_ID, T.SECRET_LEVEL, T3.DATA_AUTH \n");
            query.append("    FROM SYS_USER T \n");
            query.append("    LEFT JOIN BPM_DEF_USER_DEPT_POSITION_V BD \n");
            query.append("      ON BD.USER_ID = T.ID \n");
            query.append("    LEFT JOIN T3 \n");
            query.append("      ON BD.POSITION_ID = T3.TARGET_ID \n");
            query.append("   WHERE T3.TARGET_TYPE = '4' \n");
            query.append("   AND BD.ORG_IDENTITY = '" + orgIdentity + "'), \n");

            query.append("T8 AS \n");
            query.append(" (SELECT T4.* FROM T4 \n");
            query.append("  UNION ALL \n");
            query.append("  SELECT T5.* FROM T5 \n");
            query.append("  UNION ALL \n");
            query.append("  SELECT T6.* FROM T6 \n");
            query.append("  UNION ALL \n");
            query.append("  SELECT T7.* FROM T7) \n");
            query.append("SELECT T8.USER_ID, T8.SECRET_LEVEL, T8.DATA_AUTH FROM T8 \n");
            query.append(" GROUP BY T8.USER_ID, T8.SECRET_LEVEL, T8.DATA_AUTH \n");
            query.append(" ORDER BY T8.USER_ID, T8.DATA_AUTH DESC \n");

            List<Map<String, Object>> list = this.jdbcAvicit.queryForMap(query.toString(), null);
            if (null != list && list.size() > 0) {
                // 有节点浏览权限
                for (int j = 0; j < list.size(); j++) {
                    String targetId = (String) list.get(j).get("USER_ID");
                    String secretLevel = (String) list.get(j).get("SECRET_LEVEL");
                    Object data_auth = list.get(j).get("DATA_AUTH");
                    // 得到已经有权限的用户ID串
                    String userIds = (null == recordMap.get(recordId) ? "" : recordMap.get(recordId).toString());
                    // 如果存在则跳出当次循环
                    if (userIds.indexOf(targetId) > -1) {
                        continue;
                    }

                    // 根据用户密级及条件信息判断是否存在可浏览数据
                    StringBuffer sbSql3 = new StringBuffer();
                    sbSql3.append("SELECT COUNT(*) TOTAL_S FROM " + tableName + " WHERE 1=1 ");
                    if (null != data_auth && data_auth.equals("")) {
                        sbSql3.append(" AND " + data_auth.toString() + " ");
                    }
                    if ("2".equals(sysConfig) || "4".equals(sysConfig)) {
                        // 获取当前登陆用户最大文档密级
                        List<String> secrets = new ArrayList<String>();
                        // 获取文档密级
                        Collection<SysLookupSimpleVo> fileSecretList = upLoader.getLookUpListByType("PLATFORM_FILE_SECRET_LEVEL");
                        Iterator<SysLookupSimpleVo> iter = fileSecretList.iterator();
                        while (iter.hasNext()) {
                            SysLookupSimpleVo sysLookupSimpleVo = iter.next();
                            boolean isHave = upLoader.isRelation(sysLookupSimpleVo.getLookupCode(), secretLevel + "");
                            if (isHave) {
                                secrets.add(sysLookupSimpleVo.getLookupCode());
                            }
                        }
                        int maxSecret = -1;
                        if (secrets.size() > 0) {
                            for (int k = 0; k < secrets.size() - 1; k++) {
                                for (int x = 1; x < secrets.size() - k; x++) {
                                    int temp;
                                    if ((secrets.get(x - 1)).compareTo(secrets.get(x)) > 0) { // 比较两个整数的大小

                                        temp = Integer.parseInt(secrets.get(x - 1));
                                        secrets.set((x - 1), secrets.get(x));
                                        secrets.set(x, temp + "");
                                    }
                                }
                            }
                            // 最大文档密级
                            maxSecret = Integer.parseInt(secrets.get(secrets.size() - 1));
                        }
                        if (maxSecret >= 1) {
                            sbSql3.append(" AND (SECRET_LEVEL <= '" + maxSecret + "' OR SECRET_LEVEL IS NULL OR SECRET_LEVEL = '') ");
                        } else {
                            sbSql3.append(" AND SECRET_LEVEL <= '" + maxSecret + "' ");
                        }
                    }
                    sbSql3.append(" AND ID = '" + recordId + "' ");
                    List<Map<String, Object>> list3 = this.jdbcAvicit.queryForMap(sbSql3.toString(), null);
                    if (Integer.parseInt(list3.get(0).get("TOTAL_S").toString()) > 0) {
                        // SQL过滤后可以看到该记录
                        String targetIds = null == recordMap.get(recordId) ? "" : (String) recordMap.get(recordId) + ",";
                        recordMap.put(recordId, targetIds + targetId);
                    }
                }
            } else {
                // 没有节点浏览权限
                recordMap.put(recordId, "");
            }


            // 查询并添加没有浏览权限但是条目权限中有浏览权限的数据
            StringBuffer sbSql4 = new StringBuffer();
            sbSql4.append("WITH T1 AS \n");
            sbSql4.append(" (SELECT T.* \n");
            sbSql4.append("    FROM LANTOP_USER_AUTH_EXTEND_DATA T \n");
            sbSql4.append("   WHERE T.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' \n");
            sbSql4.append("     AND T.OPERATE_AUTH LIKE '1,%' \n");
            sbSql4.append("     AND (T.START_DATE <= \n");
            sbSql4.append("         TO_DATE(TO_CHAR(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR \n");
            sbSql4.append("         T.START_DATE IS NULL) \n");
            sbSql4.append("     AND (T.END_DATE >= \n");
            sbSql4.append("         TO_DATE(TO_CHAR(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR \n");
            sbSql4.append("         T.END_DATE IS NULL) \n");
            sbSql4.append("     AND T.ARCHIVE_CLASS_ID = '" + nodeId + "' \n");
            sbSql4.append("     AND T.RES_CODE = '" + recordId + "'), \n");
            sbSql4.append("T2 AS \n");
            sbSql4.append(" (SELECT SU.ID,SU.SECRET_LEVEL \n");
            sbSql4.append("    FROM SYS_USER SU \n");
            sbSql4.append("    LEFT JOIN SYS_USER_ROLE SR \n");
            sbSql4.append("      ON SR.SYS_USER_ID = SU.ID \n");
            sbSql4.append("    LEFT JOIN T1 \n");
            sbSql4.append("      ON T1.TARGET_ID = SR.SYS_ROLE_ID \n");
            sbSql4.append("   WHERE T1.TARGET_TYPE = '1' \n");
            sbSql4.append("     AND SR.ORG_IDENTITY = '" + orgIdentity + "'), \n");
            sbSql4.append("T3 AS \n");
            sbSql4.append(" (SELECT SU.ID,SU.SECRET_LEVEL \n");
            sbSql4.append("    FROM SYS_USER SU \n");
            sbSql4.append("    LEFT JOIN BPM_DEF_USER_DEPT_POSITION_V SD \n");
            sbSql4.append("      ON SD.USER_ID = SU.ID \n");
            sbSql4.append("    LEFT JOIN T1 \n");
            sbSql4.append("      ON T1.TARGET_ID = SD.DEPT_ID \n");
            sbSql4.append("   WHERE T1.TARGET_TYPE = '2' \n");
            sbSql4.append("     AND SD.ORG_IDENTITY = '" + orgIdentity + "'), \n");
            sbSql4.append("T4 AS \n");
            sbSql4.append(" (SELECT SU.ID,SU.SECRET_LEVEL \n");
            sbSql4.append("    FROM SYS_USER SU \n");
            sbSql4.append("    LEFT JOIN T1 \n");
            sbSql4.append("      ON T1.TARGET_ID = SU.ID \n");
            sbSql4.append("   WHERE T1.TARGET_TYPE = '1' ), \n");
            sbSql4.append("T5 AS \n");
            sbSql4.append(" (SELECT SU.ID,SU.SECRET_LEVEL \n");
            sbSql4.append("    FROM SYS_USER SU \n");
            sbSql4.append("    LEFT JOIN BPM_DEF_USER_DEPT_POSITION_V SD \n");
            sbSql4.append("      ON SD.USER_ID = SU.ID \n");
            sbSql4.append("    LEFT JOIN T1 \n");
            sbSql4.append("      ON T1.TARGET_ID = SD.POSITION_ID \n");
            sbSql4.append("   WHERE T1.TARGET_TYPE = '4' \n");
            sbSql4.append("    AND SD.ORG_IDENTITY = '" + orgIdentity + "'), \n");
            sbSql4.append("T6 AS \n");
            sbSql4.append(" ( SELECT * FROM T2 \n");
            sbSql4.append("  UNION ALL \n");
            sbSql4.append("  SELECT * FROM T3 \n");
            sbSql4.append("  UNION ALL \n");
            sbSql4.append("  SELECT * FROM T4 \n");
            sbSql4.append("  UNION ALL \n");
            sbSql4.append("  SELECT * FROM T5 ) \n");
            sbSql4.append("SELECT * FROM T6 GROUP BY ID, SECRET_LEVEL \n");
            list = this.jdbcAvicit.queryForMap(sbSql4.toString(), null);
            String targetIds = null == recordMap.get(recordId) ? "" : (String) recordMap.get(recordId) + ",";
            for (int j = 0; j < list.size(); j++) {
                Map<String, Object> m = list.get(j);
                String targetId = m.get("USER_ID").toString();
                if (targetIds.indexOf(targetId) == -1) {
                    targetIds += targetId + ",";
                }
            }
            recordMap.put(recordId, targetIds.substring(0, targetIds.length() - 1));

            // 根据数据ID获得其所有的附件ID
            StringBuffer fjsql = new StringBuffer();
            fjsql.append("SELECT T.ID \n");
            fjsql.append("  FROM SYS_ATTACHMENT T \n");
            fjsql.append("  LEFT JOIN CBB_DOC_RELATION CDR ON CDR.ATTACHMENT_ID = T.ID \n");
            fjsql.append(" WHERE CDR.RECORD_ID = '" + recordId + "' \n");
            list = this.jdbcAvicit.queryForMap(fjsql.toString(), null);
            for (int j = 0; j < list.size(); j++) {
                Map<String, Object> m = list.get(j);
                String id = m.get("ID").toString();
                recordMap.put(id, recordMap.get(recordId));
            }
        }
        return recordMap;
    }

    /**
     * 获取对记录有查看权限的用户ID串(全文权限)
     *
     * @param param : nodeId,tableId,tableName,recordId
     * @return
     * @throws Exception Map<String, Object>
     * @author 王志鹏  20160817 add
     */
    @Override
    @SuppressWarnings("rawtypes")
    public Map<String, Object> getUserIdsAuthDatasByQwByRecord(Map<String, Object> param) throws Exception {
        List<Map<String, Object>> recordList = (ArrayList<Map<String, Object>>) param.get("list");

        String orgId = "";
        if (null != param && param.containsKey("orgId")) {
            orgId = (String) param.get("orgId"); // 组织应用ID
        }

        String orgIdentity = "";
        if (null != param && param.containsKey("orgIdentity")) {
            orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
            if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                orgIdentity = orgId;
            }
        } else {
            orgIdentity = orgId;
        }

        // 密级控制
        String sysConfig = this.getMjSysConfigByIntfs(null); // 3为启用全文密级权限控制,4为目录和全文都控制

        Map<String, Object> recordMap = new HashMap<String, Object>();
        for (int i = 0; i < recordList.size(); i++) {
            String nodeId = (String) recordList.get(i).get("nodeId");
            String tableId = (String) recordList.get(i).get("tableId");
            String tableName = (String) recordList.get(i).get("tableName");
            Map<String, String> rmap = (Map<String, String>) recordList.get(i).get("recordIdMap");
            Iterator ita = rmap.keySet().iterator();
            String rid = "";// 数据ID
            String aids = "";// 附件ID串,逗号分割
            while (ita.hasNext()) {
                rid = String.valueOf(ita.next());// 数据ID
                aids = rmap.get(rid);// 附件ID串,逗号分割
            }
            String[] aaid = aids.split(",");// 附件集合ID数组

            // 全文浏览权限
            // 查询有全文浏览权限用户信息及对应的设置的条件信息
            StringBuffer query = new StringBuffer();
            query.append("WITH T1 AS \n");
            query.append(" (SELECT CAR.TARGET_ID, CAR.TARGET_TYPE, CAR.CODE \n");
            query.append("    FROM CBB_AUTH_RESOURCE CAR \n");
            query.append("   WHERE CAR.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' \n");
            query.append("     AND CAR.OPERATE_AUTH LIKE '1,1,%' \n");
            query.append("   AND CAR.CODE = '" + nodeId + "' ");
            query.append("   AND CAR.ORG_ID = '" + orgId + "' ");
            query.append("   GROUP BY CAR.TARGET_ID, CAR.TARGET_TYPE, CAR.CODE), \n");
            query.append("T2 AS \n");
            query.append(" (SELECT CAR.TARGET_ID, CAR.TARGET_TYPE, CAR.DATA_AUTH, CAR.CODE \n");
            query.append("    FROM CBB_AUTH_RESOURCE CAR \n");
            query.append("   WHERE CAR.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' \n");
            query.append("     AND CAR.OPERATE_AUTH = '1' \n");
            query.append("     AND CAR.ACTION_TYPE = 'A2' \n");
            query.append("   AND CAR.CODE = ");
            query.append("       '" + nodeId + "_" + tableId + "' ");
            query.append("   AND CAR.ORG_ID = '" + orgId + "' ");
            query.append("   GROUP BY CAR.TARGET_ID, CAR.TARGET_TYPE, CAR.DATA_AUTH, CAR.CODE), \n");
            query.append("T3 AS \n");
            query.append(" (SELECT T1.TARGET_TYPE, \n");
            query.append("         T1.TARGET_ID, \n");
            query.append("         T2.DATA_AUTH, \n");
            query.append("         T1.CODE        NODE_ID, \n");
            query.append("         T2.CODE        NODE_TABLE_ID \n");
            query.append("    FROM T1 \n");
            query.append("    LEFT JOIN T2 \n");
            query.append("      ON T1.TARGET_ID = T2.TARGET_ID \n");
            query.append("     AND T1.TARGET_TYPE = T2.TARGET_TYPE ),\n");
            query.append("T4 AS \n");
            query.append(" (SELECT T.ID USER_ID, T.SECRET_LEVEL, T3.DATA_AUTH \n");
            query.append("    FROM SYS_USER T \n");
            query.append("    LEFT JOIN T3 \n");
            query.append("      ON T.ID = T3.TARGET_ID \n");
            query.append("   WHERE T3.TARGET_TYPE = '3'), \n");
            query.append("T5 AS \n");
            query.append(" (SELECT T.ID USER_ID, T.SECRET_LEVEL, T3.DATA_AUTH \n");
            query.append("    FROM SYS_USER T \n");
            query.append("    LEFT JOIN SYS_USER_ROLE SR \n");
            query.append("      ON T.ID = SR.SYS_USER_ID \n");
            query.append("    LEFT JOIN T3 \n");
            query.append("      ON SR.SYS_ROLE_ID = T3.TARGET_ID \n");
            query.append("   WHERE T3.TARGET_TYPE = '1'), \n");
            query.append("T6 AS \n");
            query.append(" (SELECT T.ID USER_ID, T.SECRET_LEVEL, T3.DATA_AUTH \n");
            query.append("    FROM SYS_USER T \n");
            query.append("    LEFT JOIN BPM_DEF_USER_DEPT_POSITION_V BD \n");
            query.append("      ON BD.USER_ID = T.ID \n");
            query.append("    LEFT JOIN T3 \n");
            query.append("      ON BD.DEPT_ID = T3.TARGET_ID \n");
            query.append("   WHERE T3.TARGET_TYPE = '2'), \n");
            query.append("T7 AS \n");
            query.append(" (SELECT T.ID USER_ID, T.SECRET_LEVEL, T3.DATA_AUTH \n");
            query.append("    FROM SYS_USER T \n");
            query.append("    LEFT JOIN BPM_DEF_USER_DEPT_POSITION_V BD \n");
            query.append("      ON BD.USER_ID = T.ID \n");
            query.append("    LEFT JOIN T3 \n");
            query.append("      ON BD.POSITION_ID = T3.TARGET_ID \n");
            query.append("   WHERE T3.TARGET_TYPE = '4'), \n");
            query.append("T8 AS \n");
            query.append(" (SELECT T4.* FROM T4 \n");
            query.append("  UNION ALL \n");
            query.append("  SELECT T5.* FROM T5 \n");
            query.append("  UNION ALL \n");
            query.append("  SELECT T6.* FROM T6 \n");
            query.append("  UNION ALL \n");
            query.append("  SELECT T7.* FROM T7) \n");
            query.append("SELECT T8.USER_ID, T8.SECRET_LEVEL, T8.DATA_AUTH FROM T8 \n");
            query.append(" GROUP BY T8.USER_ID, T8.SECRET_LEVEL, T8.DATA_AUTH \n");
            query.append(" ORDER BY T8.USER_ID, T8.DATA_AUTH DESC \n");
            List<Map<String, Object>> list = this.jdbcAvicit.queryForMap(query.toString(), null);

            if (null != list && list.size() > 0) {
                // 有全文浏览权限
                for (int j = 0; j < list.size(); j++) {
                    String targetId = (String) list.get(j).get("USER_ID");
                    String secretLevel = (String) list.get(j).get("SECRET_LEVEL");
                    Object data_auth = list.get(j).get("DATA_AUTH");
                    boolean ok = false;// 判断用户是否存在
                    // 得到已经有权限的用户ID串
                    for (String aid : aaid) {
                        if (null == aid || "".equals(aid)) {
                            continue;
                        }
                        String userIds = null == recordMap.get(aid) ? "" : (String) recordMap.get(aid) + ",";
                        if (userIds.indexOf(targetId) > -1) {
                            ok = true;
                            break;
                        }
                    }
                    if (ok) {
                        continue;
                    }

                    // 有过滤条件 或 有密级控制
                    StringBuffer sbSql3 = new StringBuffer();
                    sbSql3.append("SELECT COUNT(*) TOTAL_S FROM ");
                    sbSql3.append(" ( SELECT * FROM " + tableName + "  ");
                    sbSql3.append(" WHERE ID = '" + rid + "' ");
                    if (null != data_auth && data_auth.equals("")) {
                        sbSql3.append(" AND " + data_auth.toString() + " ");
                    }
                    sbSql3.append(" ) T ");
                    sbSql3.append("  LEFT JOIN CBB_DOC_RELATION CDR ON CDR.RECORD_ID = T.ID ");
                    sbSql3.append(" LEFT JOIN SYS_ATTACHMENT SA ON SA.ID = CDR.ATTACHMENT_ID ");
                    sbSql3.append(" WHERE CDR.IF_DELETE = 'N' ");

                    if ("3".equals(sysConfig) || "4".equals(sysConfig)) {
                        // 获取当前登陆用户最大文档密级
                        List<String> secrets = new ArrayList<String>();
                        // 获取文档密级
                        Collection<SysLookupSimpleVo> fileSecretList = upLoader.getLookUpListByType("PLATFORM_FILE_SECRET_LEVEL");
                        Iterator<SysLookupSimpleVo> iter = fileSecretList.iterator();
                        while (iter.hasNext()) {
                            SysLookupSimpleVo sysLookupSimpleVo = iter.next();
                            boolean isHave = upLoader.isRelation(sysLookupSimpleVo.getLookupCode(), secretLevel + "");
                            if (isHave) {
                                secrets.add(sysLookupSimpleVo.getLookupCode());
                            }
                        }
                        int maxSecret = -1;
                        if (secrets.size() > 0) {
                            for (int k = 0; k < secrets.size() - 1; k++) {
                                for (int x = 1; x < secrets.size() - k; x++) {
                                    int temp;
                                    if ((secrets.get(x - 1)).compareTo(secrets.get(x)) > 0) { // 比较两个整数的大小

                                        temp = Integer.parseInt(secrets.get(x - 1));
                                        secrets.set((x - 1), secrets.get(x));
                                        secrets.set(x, temp + "");
                                    }
                                }
                            }
                            // 最大文档密级
                            maxSecret = Integer.parseInt(secrets.get(secrets.size() - 1));
                        }
                        if (maxSecret >= 1) {
                            sbSql3.append(" AND (CDR.SECRET_LEVEL <= '" + maxSecret + "' OR CDR.SECRET_LEVEL IS NULL OR CDR.SECRET_LEVEL = '') ");
                        } else {
                            sbSql3.append(" AND CDR.SECRET_LEVEL <= '" + maxSecret + "' ");
                        }
                    }
                    List<Map<String, Object>> list3 = this.jdbcAvicit.queryForMap(sbSql3.toString(), null);
                    if (Integer.parseInt(list3.get(0).get("TOTAL_S").toString()) > 0) {
                        // SQL过滤后可以看到该记录
                        for (String aid : aaid) {
                            if (null == aid || "".equals(aid)) {
                                continue;
                            }
                            String targetIds = null == recordMap.get(aid) ? "" : (String) recordMap.get(aid) + ",";
                            recordMap.put(aid, targetIds + targetId);
                        }
                    }
                }
            } else {
                // 没有全文浏览权限
                for (String aid : aaid) {
                    if (null == aid || "".equals(aid)) {
                        continue;
                    }
                    recordMap.put(aid, "");
                }
            }

            for (String aid : aaid) {
                if (null == aid || "".equals(aid)) {
                    continue;
                }
                // 查询条目权限设置中有浏览权限的用户信息
                StringBuffer sbSql4 = new StringBuffer();
                sbSql4.append("WITH T1 AS \n");
                sbSql4.append(" (SELECT T.* \n");
                sbSql4.append("    FROM LANTOP_USER_AUTH_EXTEND_DATA T \n");
                sbSql4.append("   WHERE T.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' \n");
                sbSql4.append("     AND T.OPERATE_AUTH LIKE '1,%' \n");
                sbSql4.append("     AND (T.START_DATE <= \n");
                sbSql4.append("         TO_DATE(TO_CHAR(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR \n");
                sbSql4.append("         T.START_DATE IS NULL) \n");
                sbSql4.append("     AND (T.END_DATE >= \n");
                sbSql4.append("         TO_DATE(TO_CHAR(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR \n");
                sbSql4.append("         T.END_DATE IS NULL) \n");
                sbSql4.append("     AND T.ARCHIVE_CLASS_ID = '" + nodeId + "' \n");
                sbSql4.append("     AND T.RES_CODE = '" + aid + "'), \n");
                sbSql4.append("T2 AS \n");
                sbSql4.append(" (SELECT SU.ID,SU.SECRET_LEVEL \n");
                sbSql4.append("    FROM SYS_USER SU \n");
                sbSql4.append("    LEFT JOIN SYS_USER_ROLE SR \n");
                sbSql4.append("      ON SR.SYS_USER_ID = SU.ID \n");
                sbSql4.append("    LEFT JOIN T1 \n");
                sbSql4.append("      ON T1.TARGET_ID = SR.SYS_ROLE_ID \n");
                sbSql4.append("   WHERE T1.TARGET_TYPE = '1' \n");
                sbSql4.append("     AND SR.ORG_IDENTITY = '" + orgIdentity + "'), \n");
                sbSql4.append("T3 AS \n");
                sbSql4.append(" (SELECT SU.ID,SU.SECRET_LEVEL \n");
                sbSql4.append("    FROM SYS_USER SU \n");
                sbSql4.append("    LEFT JOIN BPM_DEF_USER_DEPT_POSITION_V SD \n");
                sbSql4.append("      ON SD.USER_ID = SU.ID \n");
                sbSql4.append("    LEFT JOIN T1 \n");
                sbSql4.append("      ON T1.TARGET_ID = SD.DEPT_ID \n");
                sbSql4.append("   WHERE T1.TARGET_TYPE = '2' \n");
                sbSql4.append("     AND SD.ORG_IDENTITY = '" + orgIdentity + "'), \n");
                sbSql4.append("T4 AS \n");
                sbSql4.append(" (SELECT SU.ID,SU.SECRET_LEVEL \n");
                sbSql4.append("    FROM SYS_USER SU \n");
                sbSql4.append("    LEFT JOIN T1 \n");
                sbSql4.append("      ON T1.TARGET_ID = SU.ID \n");
                sbSql4.append("   WHERE T1.TARGET_TYPE = '1' ), \n");
                sbSql4.append("T5 AS \n");
                sbSql4.append(" (SELECT SU.ID,SU.SECRET_LEVEL \n");
                sbSql4.append("    FROM SYS_USER SU \n");
                sbSql4.append("    LEFT JOIN BPM_DEF_USER_DEPT_POSITION_V SD \n");
                sbSql4.append("      ON SD.USER_ID = SU.ID \n");
                sbSql4.append("    LEFT JOIN T1 \n");
                sbSql4.append("      ON T1.TARGET_ID = SD.POSITION_ID \n");
                sbSql4.append("   WHERE T1.TARGET_TYPE = '4' \n");
                sbSql4.append("    AND SD.ORG_IDENTITY = '" + orgIdentity + "'), \n");
                sbSql4.append("T6 AS \n");
                sbSql4.append(" ( SELECT * FROM T2 \n");
                sbSql4.append("  UNION ALL \n");
                sbSql4.append("  SELECT * FROM T3 \n");
                sbSql4.append("  UNION ALL \n");
                sbSql4.append("  SELECT * FROM T4 \n");
                sbSql4.append("  UNION ALL \n");
                sbSql4.append("  SELECT * FROM T5 ) \n");
                sbSql4.append("SELECT * FROM T6 GROUP BY ID, SECRET_LEVEL \n");

                List<Map<String, Object>> list1 = this.jdbcAvicit.queryForMap(sbSql4.toString(), null);
                String targetIds = null == recordMap.get(aid) ? "" : (String) recordMap.get(aid) + ",";
                for (int j = 0; j < list1.size(); j++) {
                    Map<String, Object> m = list1.get(j);
                    String targetId = m.get("USER_ID").toString();
                    if (targetIds.indexOf(targetId) == -1) {
                        targetIds += targetId + ",";
                    }
                }
                recordMap.put(aid, targetIds.substring(0, targetIds.length() - 1));
            }
        }
        return recordMap;
    }

    /**
     * 获取附件的权限
     *
     * @param param nodeId:节点ID,dataIds:数据ID,多个用逗号分隔;targetId:用户ID;targetType:维度，群组=1，用户=3;orgId:组织ID;sysId:系统标识ID;serverId:服务ID，兰台档案为LANTOP_AUTH_SERVER_USERSET
     * @return
     * @throws Exception Map<String,Object>
     * @author 张坚
     */
    @Override
    public Map<String, Object> getAttachmentAuth(Map<String, Object> param) throws Exception {
        String orgId = (String) param.get("orgId");
        String sysId = (String) param.get("sysId");
        String serverId = (String) param.get("serverId");
        String nodeId = (String) param.get("nodeId");
        String dataIds = (String) param.get("dataIds");
        String dataIdsSql = "'" + dataIds.replace(",", "','") + "'";
        String targetId = (String) param.get("targetId");
        String currentOrgCodeRole = (String) param.get("currentOrgCodeRole"); // 全宗外用户角色
        String currentOrgIdorgId = (String) param.get("currentOrgIdorgId"); // （跨全宗的）外全宗ID
        // String targetType = (String) param.get("targetType");
        String orgIdentity = "";
        if (null != param && param.containsKey("orgIdentity")) {
            orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
            if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                orgIdentity = orgId;
            }
        } else {
            orgIdentity = orgId;
        }

        // 是否查询 未删除/已删除 (Y/N) 附件信息
        String isYn = (String) param.get("isYn");
        int userSecretLevel = 1;
        if (null != param.get("userSecretLevel")) {
            userSecretLevel = Integer.parseInt(param.get("userSecretLevel") + ""); // 用户密级
        }

        Map<String, Object> authMap = new HashMap<String, Object>(); // 附件权限

        // 节点下所有的附件的权限
        StringBuffer sbSql1 = new StringBuffer();

        // SanXiaFiles create by zhaoxiaolong currentOrgCodeRole,currentOrgIdorgId不为空，证明是跨全宗检索权限
        if((""==currentOrgCodeRole&&""==currentOrgIdorgId)||("".equals(currentOrgCodeRole)&&"".equals(currentOrgIdorgId))){
            // 优化sql查询
            sbSql1.append("SELECT OPERATE_AUTH\n");
            sbSql1.append("  FROM CBB_AUTH_RESOURCE CART\n");
            sbSql1.append(" WHERE CART.TARGET_ID = '" + targetId + "'\n");
            sbSql1.append("   AND CART.TARGET_TYPE = '3'\n");
            sbSql1.append("   AND CART.ORG_ID = '" + orgId + "'\n");
            sbSql1.append("   AND CART.SYS_ID = '" + sysId + "'\n");
            sbSql1.append("   AND CART.AUTH_SERVICE_ID = '" + serverId + "'\n");
            sbSql1.append("   AND CART.OPERATE_AUTH LIKE '1,%'\n");
            sbSql1.append("   AND CART.CODE = '" + nodeId + "'");
            sbSql1.append("UNION ALL\n");
            sbSql1.append("SELECT OPERATE_AUTH\n");
            sbSql1.append("  FROM CBB_AUTH_RESOURCE CART\n");
            sbSql1.append(" WHERE CART.TARGET_ID IN\n");
            sbSql1.append("       (SELECT SYS_ROLE_ID ROLE_ID\n");
            sbSql1.append("          FROM SYS_USER_ROLE\n");
            sbSql1.append("         WHERE SYS_USER_ID = '" + targetId + "'\n");
            sbSql1.append("           AND ORG_IDENTITY = '" + orgIdentity + "')\n");
            sbSql1.append("   AND CART.TARGET_TYPE = '1'\n");
            sbSql1.append("   AND CART.ORG_ID = '" + orgId + "'\n");
            sbSql1.append("   AND CART.SYS_ID = '" + sysId + "'\n");
            sbSql1.append("   AND CART.AUTH_SERVICE_ID = '" + serverId + "'\n");
            sbSql1.append("   AND CART.OPERATE_AUTH LIKE '1,%'\n");
            sbSql1.append("   AND CART.CODE = '" + nodeId + "'");
            sbSql1.append("UNION ALL\n");
            sbSql1.append("SELECT OPERATE_AUTH\n");
            sbSql1.append("  FROM CBB_AUTH_RESOURCE CART\n");
            sbSql1.append(" WHERE CART.TARGET_TYPE = '2'\n");
            sbSql1.append("   AND CART.TARGET_ID IN\n");
            sbSql1.append("       (SELECT DEPT_ID\n");
            sbSql1.append("          FROM BPM_DEF_USER_DEPT_POSITION_V\n");
            sbSql1.append("         WHERE USER_ID = '" + targetId + "'\n");
            sbSql1.append("           AND ORG_IDENTITY = '" + orgIdentity + "')\n");
            sbSql1.append("   AND CART.ORG_ID = '" + orgId + "'\n");
            sbSql1.append("   AND CART.SYS_ID = '" + sysId + "'\n");
            sbSql1.append("   AND CART.AUTH_SERVICE_ID = '" + serverId + "'\n");
            sbSql1.append("   AND CART.OPERATE_AUTH LIKE '1,%'\n");
            sbSql1.append("   AND CART.CODE = '" + nodeId + "'");
            sbSql1.append("UNION ALL\n");
            sbSql1.append("SELECT OPERATE_AUTH\n");
            sbSql1.append("  FROM CBB_AUTH_RESOURCE CART\n");
            sbSql1.append(" WHERE CART.TARGET_TYPE = '4'\n");
            sbSql1.append("   AND CART.TARGET_ID IN\n");
            sbSql1.append("       (SELECT POSITION_ID\n");
            sbSql1.append("          FROM BPM_DEF_USER_DEPT_POSITION_V\n");
            sbSql1.append("         WHERE USER_ID = '" + targetId + "'\n");
            sbSql1.append("           AND ORG_IDENTITY = '" + orgIdentity + "')\n");
            sbSql1.append("   AND CART.ORG_ID = '" + orgId + "'\n");
            sbSql1.append("   AND CART.SYS_ID = '" + sysId + "'\n");
            sbSql1.append("   AND CART.AUTH_SERVICE_ID = '" + serverId + "'\n");
            sbSql1.append("   AND CART.OPERATE_AUTH LIKE '1,%'\n");
            sbSql1.append("   AND CART.CODE = '" + nodeId + "'");
        } else {
            sbSql1.append(
                    "SELECT\n" +
                    "\tOPERATE_AUTH \n" +
                    "FROM\n" +
                    "\tCBB_AUTH_RESOURCE CART \n" +
                    "WHERE\n" +
                    "\tCART.TARGET_ID IN (SELECT ID FROM SYS_ROLE WHERE ROLE_CODE='"+currentOrgCodeRole+"') \n" +
                    "\tAND CART.TARGET_TYPE = '1' \n" + // 权限设置目标类型为角色
                    "\tAND CART.ORG_ID = '"+currentOrgIdorgId+"' \n" +
                    "\tAND CART.SYS_ID = '" + sysId + "' \n" +
                    "\tAND CART.AUTH_SERVICE_ID = '" + serverId + "' \n" +
                    "\tAND CART.OPERATE_AUTH LIKE '1,%' \n" +
                    "\tAND CART.CODE = '" + nodeId + "'");
        }

        List<Map<String, Object>> list1 = this.jdbcAvicit.queryForMap(sbSql1.toString(), null);
        // 数据节点下的附件
        StringBuffer sbSql2 = new StringBuffer();
        sbSql2.append("SELECT SA.ID, CDR.SECRET_LEVEL FROM CBB_DOC_RELATION CDR");
        sbSql2.append(" LEFT JOIN SYS_ATTACHMENT SA ON SA.ID = CDR.ATTACHMENT_ID ");
        sbSql2.append(" WHERE RECORD_ID IN (" + dataIdsSql + ")");
        if ("Y".equals(isYn)) {
            sbSql2.append(" AND IF_DELETE = 'Y' ");
        } else {
            sbSql2.append(" AND IF_DELETE = 'N' ");
        }
        //--2019/8/14 xmw 防止附件记录被误删id为空的情况
        sbSql2.append(" AND SA.ID IS NOT NULL");

        List<Map<String, Object>> list2 = this.jdbcAvicit.queryForMap(sbSql2.toString(), null);
        StringBuffer attachmentIds = new StringBuffer(); // 数据节点下的所有附件
        if (null != list1 && list1.size() > 0) {
            // 已设置附件权限
            // String operateAuth = (String) list1.get(0).get("OPERATE_AUTH");
            String operateAuth = getAuthIntfsAll(list1);
            if (null != list2 && list2.size() > 0) {
                // 存在附件
                for (int i = 0; i < list2.size(); i++) {
                    Map<String, Object> attachMap = list2.get(i);
                    String attachmentId = (String) attachMap.get("ID");
                    if (null != attachMap.get("SECRET_LEVEL") && !"".equals(String.valueOf(attachMap.get("SECRET_LEVEL"))) && !"null".equals(String.valueOf(attachMap.get("SECRET_LEVEL")))) {
                        authMap.put(attachmentId, operateAuth);
                    	// 权限优化：20201225 跨全宗没有权限
                    	authMap.put(attachmentId, "0,0,0,0");
                        //sanxiaFilse create by wuliang 2019.9.17  注释掉下面代码  现在业务不需要下面这个判断
						/*int secretLevel = 1;
						try {
							secretLevel = Integer.parseInt(attachMap.get("SECRET_LEVEL") + ""); // 附件密级
						} catch (Exception e) {

						}

						attachmentIds.append(attachmentId);
						if (i < list2.size() - 1) {
							attachmentIds.append(",");
						}

						String sysConfig = this.getMjSysConfigByIntfs(null); // 3为启用全文密级权限控制,4为目录和全文都控制
						if (("3".equals(sysConfig) || "4".equals(sysConfig))) {
							// 获取当前登陆用户最大文档密级
							List<String> secrets = new ArrayList<String>();
							// 获取文档密级
							Collection<SysLookupSimpleVo> fileSecretList = upLoader.getLookUpListByType("PLATFORM_FILE_SECRET_LEVEL");
							Iterator<SysLookupSimpleVo> iter = fileSecretList.iterator();
							while (iter.hasNext()) {
								SysLookupSimpleVo sysLookupSimpleVo = iter.next();
								boolean isHave = upLoader.isRelation(sysLookupSimpleVo.getLookupCode(), userSecretLevel + "");
								if (isHave) {
									secrets.add(sysLookupSimpleVo.getLookupCode());
								}
							}
							int maxSecret = -1;
							if (secrets.size() > 0) {
								for (int k = 0; k < secrets.size() - 1; k++) {
									for (int j = 1; j < secrets.size() - k; j++) {
										int temp;
										if ((secrets.get(j - 1)).compareTo(secrets.get(j)) > 0) { // 比较两个整数的大小

											temp = Integer.parseInt(secrets.get(j - 1));
											secrets.set((j - 1), secrets.get(j));
											secrets.set(j, temp + "");
										}
									}
								}
								// 最大文档密级
								maxSecret = Integer.parseInt(secrets.get(secrets.size() - 1));
							}
							if (maxSecret >= secretLevel) {
								authMap.put(attachmentId, operateAuth); // key:附件ID;value:权限
							} else {
								authMap.put(attachmentId, "1,0,0,0"); // key:附件ID;value:权限;用户密级小于附件，没有浏览权限
							}
						} else {
							authMap.put(attachmentId, operateAuth); // key:附件ID;value:权限
						}*/
                    } else {
                        authMap.put(attachmentId, "1,0,0,0"); // key:附件ID;value:权限;附件密级为空，没有浏览权限
                    }
                }
            }
        }
        // 判断目标所在节点是否进行条件权限过滤，如果有条件过滤，进行数据筛选，判断是否有浏览权限
        // 通过附件id在附件关系表中查询tableId和数据id
        String attachIds = "";
        if (list2.size() > 0) {
            for (int i = 0; i < list2.size(); i++) {
                Map<String, Object> attachMap = list2.get(i);
                attachIds += attachMap.get("ID");
                if (i != list2.size() - 1) {
                    attachIds += ",";
                }
            }
            String[] attachIdsArray = attachIds.toString().split(",");
            if (attachIdsArray.length > 0) {
                String attachId = attachIdsArray[0];
                // 通过附件id获取数据id和表id
                String sql = "SELECT * FROM CBB_DOC_RELATION WHERE ATTACHMENT_ID = '" + attachId + "'";
                List<Map<String, Object>> list = this.jdbcAvicit.getJdbcTemplate().queryForList(sql);
                if (list.size() > 0) {
                    String tableId = (String) list.get(0).get("ARCHIVE_TABLE_ID");
                    String recordId = (String) list.get(0).get("RECORD_ID");
                    String deptId = (String) list.get(0).get("DEPT_ID");

                    // 通过用户及节点id和表id查询条件权限
                    String authSql = getQWauthSql(tableId, nodeId, orgId, sysId, targetId, orgIdentity);
                    // 存在附件条件权限时，获取条件权限语句进行数据查询
                    if (!authSql.equals("")) {
                        Map<String, Object> m = new HashMap<String, Object>();
                        String searchSql = " AND ID = '" + recordId + "' AND  ( " + authSql + " )";
                        List<Map<String, Object>> dataList = this.billDefineManagerIntfsService.getTableFieldsAndDatasBySearchByNoChangeByIntfs(orgId, deptId, sysId, tableId, "", "", searchSql, m);
                        if (dataList.size() < 1) {
                            for (int i = 0; i < attachIdsArray.length; i++) {
                                authMap.put(attachIdsArray[i], "1,0,0,0");
                            }
                        }
                    } else {

                        // 不存在附件条件权限时，进行条目条件权限查询
                        StringBuffer sbSql = new StringBuffer();
                        sbSql.append("SELECT * \n");
                        sbSql.append("  FROM CBB_AUTH_RESOURCE CARB \n");
                        sbSql.append(" WHERE (CARB.TARGET_ID = '" + targetId + "'\n");
                        sbSql.append("        OR EXISTS (SELECT SYS_ROLE_ID ROLE_ID \n");
                        sbSql.append("           FROM SYS_USER_ROLE \n");
                        sbSql.append("          WHERE CARB.TARGET_ID  = SYS_ROLE_ID \n");
                        sbSql.append("            AND SYS_USER_ID = '" + targetId + "' \n");
                        sbSql.append("            AND ORG_IDENTITY = '" + orgIdentity + "')) \n");
                        sbSql.append("   AND ACTION_TYPE = 'A1' \n");
                        sbSql.append("   AND CODE = '" + nodeId + "_" + tableId + "'\n");

						/*String recordAuthSql = "SELECT * FROM CBB_AUTH_RESOURCE carb " +
						// 张余 ---- 修改
								" WHERE (TARGET_ID = '" + targetId + "' " + " OR EXISTS (  SELECT SYS_ROLE_ID ROLE_ID  FROM SYS_USER_ROLE " + " WHERE carb.TARGET_ID SYS_ROLE_ID= SYS_ROLE_ID AND  SYS_USER_ID ='" + targetId + "' AND ORG_IDENTITY = '" + orgIdentity + "')) " +
								// 张余 ---- 修改
								" AND ACTION_TYPE = 'A1' " + " AND CODE = '" + nodeId + "_" + tableId + "'";*/
                        List<Map<String, Object>> recordAuthList = this.jdbcAvicit.getJdbcTemplate().queryForList(sbSql.toString());
                        if (recordAuthList.size() > 0) {
                            String sqlWhere = (String) recordAuthList.get(0).get("DATA_AUTH");
                            Map<String, Object> m = new HashMap<String, Object>();
                            String searchSql = " AND ID = '" + recordId + "' AND " + sqlWhere;
                            List<Map<String, Object>> dataList = this.billDefineManagerIntfsService.getTableFieldsAndDatasBySearchByNoChangeByIntfs(orgId, deptId, sysId, tableId, "", "", searchSql, m);
                            if (dataList.size() < 1) {
                                for (int i = 0; i < attachIdsArray.length; i++) {
                                    authMap.put(attachIdsArray[i], "1,0,0,0");
                                }
                            }
                        }
                    }
                }
            }
        }
        // 条目权限设置中对具体附件的权限
		/*String attachmentIdsStr = "";
		if (null != list2 && list2.size() > 0) {
			// 存在附件
			for (int i = 0; i < list2.size(); i++) {
				Map<String, Object> attachMap = list2.get(i);
				String attachmentId = (String) attachMap.get("ID");
				attachmentIdsStr = attachmentIdsStr + "'" + attachmentId + "',";
			}
		}
		if (!"".equals(attachmentIdsStr)) {}*/

        StringBuffer sbSql3 = new StringBuffer();
        sbSql3.append("SELECT T.RES_CODE, T.OPERATE_AUTH ");
        sbSql3.append("  FROM LANTOP_USER_AUTH_EXTEND_DATA T ");

        // 张余-----修改
        sbSql3.append("                 WHERE ( (T.TARGET_ID = '" + targetId + "' ");
        sbSql3.append("                 AND T.TARGET_TYPE = '3' ) ");

        // 角色维度
        sbSql3.append("  OR ( ");
        sbSql3.append("  	  T.TARGET_TYPE = '1' ");
        sbSql3.append("  	AND EXISTS(");
        sbSql3.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T1  ");
        sbSql3.append("                   WHERE T1.SYS_ROLE_ID = T.TARGET_ID  ");
        sbSql3.append("     				AND T1.SYS_USER_ID = '" + targetId + "'");
        sbSql3.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql3.append("     		  ) ");
        sbSql3.append("     ) ");

        // 部门维度
        sbSql3.append("  OR ( ");
        sbSql3.append("  	  T.TARGET_TYPE = '2' ");
        sbSql3.append("  	AND EXISTS(");
        sbSql3.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T1 ");
        sbSql3.append("                   WHERE T1.DEPT_ID = T.TARGET_ID  ");
        sbSql3.append("     				AND T1.USER_ID = '" + targetId + "'");
        sbSql3.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql3.append("     		  ) ");
        sbSql3.append("     ) ");

        // 岗位维度
        sbSql3.append("  OR ( ");
        sbSql3.append("  	  T.TARGET_TYPE = '4' ");
        sbSql3.append("  	AND EXISTS(");
        sbSql3.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T1 ");
        sbSql3.append("                   WHERE T1.POSITION_ID = T.TARGET_ID  ");
        sbSql3.append("     				AND T1.USER_ID = '" + targetId + "'");
        sbSql3.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql3.append("     		  ) ");
        sbSql3.append("     )) ");
        // 张余-----修改

        sbSql3.append("   AND T.AUTH_SERVICE_ID = '" + serverId + "' ");
        sbSql3.append("   AND T.OPERATE_AUTH LIKE '1,%' ");
        // 2015-12-28，修改内容：条目权限控制新增根据授权时间范围进行控制
        sbSql3.append("   AND (T.START_DATE <= ");
        sbSql3.append("       to_date(to_char(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR ");
        sbSql3.append("       T.START_DATE IS NULL) ");
        sbSql3.append("   AND (T.END_DATE >= to_date(to_char(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR ");
        sbSql3.append("       T.END_DATE IS NULL)");
        sbSql3.append("   AND  EXISTS ( SELECT TT.ID FROM (" + sbSql2.toString() + ") TT WHERE TT.ID = T.RES_CODE)");
        sbSql3.append("   AND T.ARCHIVE_CLASS_ID = '" + nodeId + "' ");
        sbSql3.append("   AND T.ORG_ID = '" + orgId + "' ");
        List<Map<String, Object>> list3 = this.jdbcAvicit.queryForMap(sbSql3.toString(), null);
        if (null != list3 && list3.size() > 0) {
            // 存在条目附件权限
            for (int i = 0; i < list3.size(); i++) {
                authMap.put((String) list3.get(i).get("RES_CODE"), (String) list3.get(i).get("OPERATE_AUTH")); // 条目权限覆盖已有的节点权限，key:附件ID;value:权限
            }
        }

        return authMap;
    }

    /**
     * 保存电子文件记录权限
     *
     * @param param orgId（组织ID）,
     *              deptId（部门ID）,
     *              sysId（系统标识ID）,
     *              targetType:1群组、3用户
     *              targetId : 群组ID/用户ID
     *              rcdDataType : 0电子文件
     *              startDate (string yyyy-mm-dd) : 授权开始时间
     *              endDate (string yyyy-mm-dd) : 授权结束时间
     *              serviceId : LANTOP_AUTH_SERVER_USERSET
     *              dataList (ArrayList<Map<String, Object>>) 附件数据集合，{必须包含ARCHIVE_CLASS_ID ： 节点ID}{TABLE_ID ： 档案库表ID}{RES_CODE ： 附件ID}{WJH : 文件号}{TM : 题名}{ATTACH_NAME : 电子文件名称}
     *              useType : 利用类型 1.浏览  2.下载
     *              operateInfoMap : 已有权限类型，调用接口获取
     * @throws Exception
     * @author 张坚
     */
    @Override
    public void saveAttachAuthEntry(Map<String, Object> param) throws Exception {
        String orgId = (String) param.get("orgId");
        String deptId = (String) param.get("deptId");
        String sysId = (String) param.get("sysId");
        String targetType = (String) param.get("targetType");
        String targetId = (String) param.get("targetId");
        String rcdDataType = (String) param.get("rcdDataType");
        String startDate = (String) param.get("startDate");
        String endDate = (String) param.get("endDate");
        String serviceId = (String) param.get("serviceId");
        List<Map<String, Object>> dataList = (ArrayList<Map<String, Object>>) param.get("dataList");
        String useType = (String) param.get("useType"); // 利用类型 1.浏览 2.下载
        Map<String, String> operateInfoMap = (HashMap<String, String>) param.get("operateInfoMap"); // 已经注册的数据权限类型

        Map<String, Object> parameter = new HashMap<String, Object>();
        parameter.put("orgId", orgId);
        parameter.put("sysId", sysId);
        parameter.put("targetId", targetId);
        parameter.put("serviceId", serviceId);

        // 条目权限设置
        Map<String, Object> map = null;
        // 遍历已注册的数据权限类型值
        int userAuthColSize = operateInfoMap.keySet().size();
        for (int i = 0; i < dataList.size(); i++) {
            map = dataList.get(i);
            StringBuffer operateTypeCodes = new StringBuffer(); // 权限类型CODE串
            StringBuffer operateTypeNames = new StringBuffer(); // 权限类型NAME串

            for (int j = 1; j <= userAuthColSize; j++) {
                String key = "A" + j;// 通用代码以字母A开头
                operateTypeCodes.append(key);
                if ("1".equals(useType)) { // 附件浏览权限1,1,0,0
                    if (j <= 2) {
                        operateTypeNames.append("1");
                    } else {
                        operateTypeNames.append("0");
                    }
                } else if ("3".equals(useType)) { // 打印权限1,1,1,0
                    if (j <= 3) {
                        operateTypeNames.append("1");
                    } else {
                        operateTypeNames.append("0");
                    }
                } else { // 下载权限1,1,1,1
                    if (j <= 4) {
                        operateTypeNames.append("1");
                    } else {
                        operateTypeNames.append("0");
                    }
                }
                // 最后一次不拼接逗号
                if (j != userAuthColSize) {
                    operateTypeCodes.append(","); // 英文逗号
                    operateTypeNames.append(","); // 英文逗号
                }
            }

            LantopUserAuthExtendData lantopUserAuthExtendData = new LantopUserAuthExtendData();
            lantopUserAuthExtendData.setOrgId(orgId);
            lantopUserAuthExtendData.setDeptId(deptId);
            lantopUserAuthExtendData.setSysId(sysId);
            lantopUserAuthExtendData.setTargetType(targetType);
            lantopUserAuthExtendData.setTargetId(targetId);
            lantopUserAuthExtendData.setAuthServiceId(serviceId);
            lantopUserAuthExtendData.setArchiveClassId((String) map.get("ARCHIVE_CLASS_ID"));
            lantopUserAuthExtendData.setRcdDataType(rcdDataType);
            lantopUserAuthExtendData.setArchiveTableId((String) map.get("TABLE_ID"));
            lantopUserAuthExtendData.setResCode((String) map.get("RES_CODE")); // 新添加记录将左侧记录ID写入右侧datagrid的RES_CODE列中
            lantopUserAuthExtendData.setResName((String) map.get("RES_CODE"));
            lantopUserAuthExtendData.setActionType(operateTypeCodes.toString());
            lantopUserAuthExtendData.setOperateAuth(operateTypeNames.toString());
            lantopUserAuthExtendData.setWjh((String) map.get("WJH"));
            lantopUserAuthExtendData.setTm((String) map.get("TM"));
            lantopUserAuthExtendData.setAttribute01((String) map.get("ATTACH_NAME")); // 电子文件名称
            lantopUserAuthExtendData.setStartDate(ComUtil.String2Date(startDate)); // 开始时间
            lantopUserAuthExtendData.setEndDate(ComUtil.String2Date(endDate)); // 结束时间

            // 先删除已存在的权限，在保存
            StringBuffer sbSql = new StringBuffer();
            sbSql.append("DELETE FROM LANTOP_USER_AUTH_EXTEND_DATA WHERE RES_CODE = '");
            sbSql.append(lantopUserAuthExtendData.getResCode());
            sbSql.append("' AND TARGET_TYPE = '" + targetType + "' AND TARGET_ID = '" + targetId + "'");
            this.jdbcAvicit.getJdbcTemplate().execute(sbSql.toString());
            SysLogUtil.log("用户权限设置模块", "删除权限设置记录", OpType.delete, OpResult.success, LogBaseFactory.getLogBase());

            // 存在权限设置，如果不不存在权限设置则不保存，已保存过的权限也将被上一个操作删除
            lantopUserAuthExtendData.setId(ComUtil.getId());
            PojoUtil.setSysProperties(lantopUserAuthExtendData, OpType.insert);
            hibernateDao.save(lantopUserAuthExtendData);
            SysLogUtil.log(lantopUserAuthExtendData, null, OpType.insert, OpResult.success);
        }
    }

    /**
     * 获取已有的权限类型
     *
     * @return
     * @author 张坚
     */
    @Override
    public Map<String, String> getOperateInfo() {
        Collection<SysLookupSimpleVo> authTypeList = upLoader.getLookUpListByType("LANTOP_AUTH_TYPE");
        Map<String, String> map = new HashMap<String, String>();
        Iterator<SysLookupSimpleVo> authTypeIterator = authTypeList.iterator();
        while (authTypeIterator.hasNext()) {
            SysLookupSimpleVo sysLookupSimpleVo = authTypeIterator.next();
            map.put(sysLookupSimpleVo.getLookupCode(), sysLookupSimpleVo.getLookupName());
        }
        return map;
    }

    /**
     * 删除条目记录权限
     *
     * @param param sysId (系统标识ID),ORG_ID(组织ID),TARGET_ID(用户ID),RES_CODE(条目记录ID)
     * @throws Exception
     */
    @Override
    public void delAttachAuthEntry(Map<String, Object> param) throws Exception {
        String sysId = (String) param.get("sysId");
        String orgId = (String) param.get("orgId");
        String targetId = (String) param.get("targetId");
        String resCode = (String) param.get("resCode");
        StringBuffer sbSql = new StringBuffer();
        sbSql.append("DELETE FROM LANTOP_USER_AUTH_EXTEND_DATA T ");
        sbSql.append(" WHERE SYS_ID = '" + sysId + "' ");
        sbSql.append("   AND ORG_ID = '" + orgId + "' ");
        sbSql.append("   AND T.TARGET_ID = '" + targetId + "' ");
        sbSql.append("   AND T.RES_CODE = '" + resCode + "'");
        this.jdbcAvicit.getJdbcTemplate().execute(sbSql.toString());
    }

    /**
     * 调用过程，生成临时表数据（条目）
     * 获取权限过程返回的批次号（条目）
     *
     * @param param orgId（组织ID），sysId（系统标识ID），deptId（部门ID），nodeIds（数据节点ID串，逗号分隔，全部节点传空值），secretFlag（是否启用密级控制0,启用1,不启用），userId（当前登录用户ID），ip（当前登录用户IP地址）
     * @return
     * @throws Exception
     */
    @Override
    public String updateSolrIndexTm(Map<String, Object> param) throws Exception {
        /*
         * String orgIdentity = ""; if (null != param && param.containsKey("orgIdentity")) { orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID }
         */
        String orgId = (String) param.get("orgId");
        String sysId = (String) param.get("sysId");
        String deptId = (String) param.get("deptId");
        String secretFlag = (String) param.get("secretFlag");
        String userId = (String) param.get("userId");
        String ip = (String) param.get("ip");
        String flag = (String) param.get("flag"); // 标识(1:条目，全文 同时执行,2:部分执行)
        String tmNodes = (String) param.get("tmNodes");// 条目
        if ("".equals(tmNodes)) {
            tmNodes = "NULL";
        }

        String ide = "";// 返回的批次号
        // 判断是否进入条目权限过程
        if ("1".equals(flag) || (null != tmNodes && !"".equals(tmNodes) && !"null".equals(tmNodes))) {
            Connection conn = this.hibernateDao.getSession().connection();
            CallableStatement ps = null;
            try {
                ps = conn.prepareCall("call lantop_auth.LANTOP_GET_RECORD_AUTH_USER(?,?,?,?,?,?,?,?)");
                ps.setString(1, orgId);
                ps.setString(2, sysId);
                ps.setString(3, deptId);
                ps.setString(4, tmNodes);
                ps.setString(5, secretFlag);
                ps.setString(6, userId);
                ps.setString(7, ip);
                // 返回值
                ps.registerOutParameter(8, java.sql.Types.VARCHAR);
                ps.execute();
                ide = (String) ps.getObject(8);
            } catch (Exception e) {
                e.printStackTrace();
                try {
                    if (ps != null) {
                        ps.close();
                    }
                    if (conn != null) {
                        conn.close();
                    }
                } catch (Exception e1) {
                    e1.printStackTrace();
                }
            } finally {
                if (ps != null) {
                    ps.close();
                }
                if (conn != null) {
                    conn.close();
                }
            }
        }
        return ide;
    }

    /**
     * 调用过程，生成临时表数据（全文）
     * 获取权限过程返回的批次号（全文）
     *
     * @param param orgId（组织ID），sysId（系统标识ID），deptId（部门ID），nodeIds（数据节点ID串，逗号分隔，全部节点传空值），secretFlag（是否启用密级控制0,启用1,不启用），userId（当前登录用户ID），ip（当前登录用户IP地址）
     * @return
     * @throws Exception
     */
    @Override
    public String updateSolrIndexQw(Map<String, Object> param) throws Exception {
        /*
         * String orgIdentity = ""; if (null != param && param.containsKey("orgIdentity")) { orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID }
         */
        String orgId = (String) param.get("orgId");
        String sysId = (String) param.get("sysId");
        String deptId = (String) param.get("deptId");
        String secretFlag = (String) param.get("secretFlag");
        String userId = (String) param.get("userId");
        String ip = (String) param.get("ip");
        String flag = (String) param.get("flag"); // 标识(1:条目，全文 同时执行,2:部分执行)
        String qwNodes = (String) param.get("qwNodes"); // 全文
        String ide = "";// 返回的批次号
        if ("".equals(qwNodes)) {
            qwNodes = "NULL";
        }

        // 判断是否进入全文权限过程
        if ("1".equals(flag) || (null != qwNodes && !"".equals(qwNodes) && !"null".equals(qwNodes))) {
            Connection conn1 = this.hibernateDao.getSession().connection();
            CallableStatement ps1 = null;
            try {
                ps1 = conn1.prepareCall("call lantop_auth.LANTOP_GET_RECORD_QW_AUTH_USER(?,?,?,?,?,?,?,?)");
                ps1.setString(1, orgId);
                ps1.setString(2, sysId);
                ps1.setString(3, deptId);
                ps1.setString(4, qwNodes);
                ps1.setString(5, secretFlag);
                ps1.setString(6, userId);
                ps1.setString(7, ip);
                // 返回值
                ps1.registerOutParameter(8, java.sql.Types.VARCHAR);
                ps1.execute();
                ide = (String) ps1.getObject(8);
            } catch (Exception e) {
                e.printStackTrace();
                try {
                    if (ps1 != null) {
                        ps1.close();
                    }
                    if (conn1 != null) {
                        conn1.close();
                    }
                } catch (Exception e1) {
                    e1.printStackTrace();
                }
            } finally {
                if (ps1 != null) {
                    ps1.close();
                }
                if (conn1 != null) {
                    conn1.close();
                }
            }
        }
        return ide;
    }

    /**
     * 计算临时表当前批次的总数（条目）
     *
     * @param ide
     * @return
     * @throws Exception int
     * @throws
     */
    @Override
    public int getTmtotal(String ide) throws Exception {
        // 查询该批次临时表总共数据量
        StringBuffer sbSqlc = new StringBuffer();
        sbSqlc.append("SELECT\n");
        sbSqlc.append("        COUNT(*) NUM\n");
        sbSqlc.append("FROM\n");
        sbSqlc.append("        (\n");
        sbSqlc.append("                SELECT\n");
        sbSqlc.append("                        T.RECORD_ID,\n");
        // sbSqlc.append("                          CONCAT_CLOB_F(T.USER_ID) usersid  ,\n");
        sbSqlc.append("                        T.ATTRIBUTE_01\n");
        sbSqlc.append("                FROM\n");
        sbSqlc.append("                        LANTOP_SOLR_INDEX_AUTH T\n");
        sbSqlc.append("   WHERE T.IDENTIF = '" + ide + "'\n");
        sbSqlc.append("                GROUP BY\n");
        sbSqlc.append("                        T.RECORD_ID,\n");
        sbSqlc.append("                        T.ATTRIBUTE_01\n");
        sbSqlc.append("        )");
        List<Map<String, Object>> totalList = this.jdbcAvicit.getJdbcTemplate().queryForList(sbSqlc.toString());
        int total = Integer.parseInt(String.valueOf(totalList.get(0).get("NUM")));
        return total;
    }

    /**
     * 计算临时表当前批次的总数（全文）
     *
     * @param ide
     * @return
     * @throws Exception int
     * @throws
     */
    @Override
    public int getQwtotal(String ide) throws Exception {
        // 查询该批次临时表总共数据量
        StringBuffer sbSqlc = new StringBuffer();
        sbSqlc.append("SELECT\n");
        sbSqlc.append("        COUNT(*) NUM\n");
        sbSqlc.append("FROM\n");
        sbSqlc.append("        (\n");
        sbSqlc.append("                SELECT\n");
        sbSqlc.append("                        T.RECORD_ID,\n");
        // sbSqlc.append("                          CONCAT_CLOB_F(T.USER_ID) usersid  ,\n");
        sbSqlc.append("                        T.ATTRIBUTE_01\n");
        sbSqlc.append("                FROM\n");
        sbSqlc.append("                        LANTOP_SOLR_INDEX_AUTH_QW T\n");
        sbSqlc.append("   WHERE T.IDENTIF = '" + ide + "'\n");
        sbSqlc.append("                GROUP BY\n");
        sbSqlc.append("                        T.RECORD_ID,\n");
        sbSqlc.append("                        T.ATTRIBUTE_01\n");
        sbSqlc.append("        )");
        List<Map<String, Object>> totalList = this.jdbcAvicit.getJdbcTemplate().queryForList(sbSqlc.toString());
        int total = Integer.parseInt(String.valueOf(totalList.get(0).get("NUM")));
        return total;
    }

    /**
     * 获取创建索引所需MAP（条目）
     *
     * @param param
     * @return
     * @throws Exception Map<String,Object>
     * @throws
     */
    @Override
    public Map<String, Object> getSolrIndexMapTm(String ide, int start, int end) throws Exception {
        Map<String, Object> tmMap = new HashMap<String, Object>();
        // 根据IDE获得临时表数据
        StringBuffer sql = new StringBuffer();
        sql.append("SELECT A.RECORD_ID, A.USER_IDS, A.ATTRIBUTE_01 \n");
        sql.append("  FROM (SELECT T.RECORD_ID, \n");
        sql.append("               CONCAT_CLOB_F(T.USER_ID) USER_IDS, \n");
        sql.append("               T.ATTRIBUTE_01, \n");
        sql.append("               ROW_NUMBER() OVER(ORDER BY RECORD_ID) RN \n");
        sql.append("          FROM LANTOP_SOLR_INDEX_AUTH T \n");
        sql.append("          WHERE T.IDENTIF = '" + ide + "' \n");
        sql.append("         GROUP BY RECORD_ID, ATTRIBUTE_01) A \n");
        sql.append(" WHERE A.RN BETWEEN " + start + " AND " + end + " \n");

        List<Map<String, Object>> relationList = this.jdbcAvicit.getJdbcTemplate().queryForList(sql.toString());
        for (Map<String, Object> map : relationList) {
            String recordId = (String) map.get("RECORD_ID");// 数据节点
            String userId = (String) map.get("USER_ID");// 权限用户ID
            if (null == userId) {
                userId = "";
            }
            String attribute_01 = (String) map.get("ATTRIBUTE_01");
            Map<String, Object> childMap = new HashMap<String, Object>();
            childMap.put(attribute_01, userId);
            tmMap.put(recordId, childMap);
        }

        return tmMap;
    }

    /**
     * 获取创建索引所需MAP（全文）
     *
     * @param ide
     * @return
     * @throws Exception Map<String,Object>
     * @throws
     */
    @Override
    public Map<String, Object> getSolrIndexMapQw(String ide, int start, int end) throws Exception {
        Map<String, Object> qwMap = new HashMap<String, Object>();
        // 根据IDE获得临时表数据
        StringBuffer sql = new StringBuffer();
        sql.append("SELECT A.RECORD_ID, A.USER_IDS, A.ATTRIBUTE_01 \n");
        sql.append("  FROM (SELECT T.RECORD_ID, \n");
        sql.append("               CONCAT_CLOB_F(T.USER_ID) USER_IDS, \n");
        sql.append("               T.ATTRIBUTE_01, \n");
        sql.append("               ROW_NUMBER() OVER(ORDER BY RECORD_ID) RN \n");
        sql.append("          FROM LANTOP_SOLR_INDEX_AUTH_QW T \n");
        sql.append("          WHERE T.IDENTIF = '" + ide + "' \n");
        sql.append("         GROUP BY RECORD_ID, ATTRIBUTE_01) A \n");
        sql.append(" WHERE A.RN BETWEEN " + start + " AND " + end + " \n");

        List<Map<String, Object>> relationList = this.jdbcAvicit.getJdbcTemplate().queryForList(sql.toString());
        for (Map<String, Object> map : relationList) {
            String recordId = (String) map.get("RECORD_ID");// 数据节点
            String userId = (String) map.get("USER_ID");// 权限用户ID
            if (null == userId) {
                userId = "";
            }
            String attribute_01 = (String) map.get("ATTRIBUTE_01");
            Map<String, Object> childMap = new HashMap<String, Object>();
            childMap.put(attribute_01, userId);
            qwMap.put(recordId, childMap);
        }
        return qwMap;
    }

    /**
     * 删除临时表数据
     *
     * @param ide
     * @param type
     * @throws Exception void
     * @throws
     */
    @Override
    public void deleteSolrIndexTm(String ide, String type) throws Exception {
        if ("tm".equals(type)) {
            StringBuffer sbSql3 = new StringBuffer();
            sbSql3.append(" DELETE FROM LANTOP_SOLR_INDEX_AUTH WHERE IDENTIF = '" + ide + "'");
            this.jdbcAvicit.getJdbcTemplate().execute(sbSql3.toString());
        } else {
            StringBuffer sbSql3 = new StringBuffer();
            sbSql3.append(" DELETE FROM LANTOP_SOLR_INDEX_AUTH_QW WHERE IDENTIF = '" + ide + "'");
            this.jdbcAvicit.getJdbcTemplate().execute(sbSql3.toString());
        }
    }

    /**
     * 对数据节点有权限的用户ID串
     *
     * @param param orgId（组织ID），sysId（系统标识ID），deptId（部门ID），nodeIds（数据节点ID串，逗号分隔，全部节点传空值），secretFlag（是否启用密级控制0,启用1,不启用），userId（当前登录用户ID），ip（当前登录用户IP地址）
     * @return
     * @throws Exception
     */
    @Override
    public Map<String, Object> updateSolrIndex(Map<String, Object> param) throws Exception {
        /*
         * String orgIdentity = ""; if (null != param && param.containsKey("orgIdentity")) { orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID }
         */
        String orgId = (String) param.get("orgId");
        String sysId = (String) param.get("sysId");
        String deptId = (String) param.get("deptId");
        String secretFlag = (String) param.get("secretFlag");
        String userId = (String) param.get("userId");
        String ip = (String) param.get("ip");
        String flag = (String) param.get("flag"); // 标识(1:条目，全文 同时执行,2:部分执行)
        String tmNodes = (String) param.get("tmNodes"); // 条目
        String qwNodes = (String) param.get("qwNodes"); // 全文
        Map<String, Object> allMap = new HashMap<String, Object>();
        Map<String, Object> tmMap = new HashMap<String, Object>();
        Map<String, Object> qwMap = new HashMap<String, Object>();
        if ("".equals(tmNodes)) {
            tmNodes = "NULL";
        }
        if ("".equals(qwNodes)) {
            qwNodes = "NULL";
        }
        // 判断是否进入条目权限过程
        if ("1".equals(flag) || (null != tmNodes && !"".equals(tmNodes) && !"null".equals(tmNodes))) {
            Connection conn = this.hibernateDao.getSession().connection();
            CallableStatement ps = null;
            try {
                ps = conn.prepareCall("call lantop_auth.LANTOP_GET_RECORD_AUTH_USER(?,?,?,?,?,?,?,?)");
                ps.setString(1, orgId);
                ps.setString(2, sysId);
                ps.setString(3, deptId);
                ps.setString(4, tmNodes);
                ps.setString(5, secretFlag);
                ps.setString(6, userId);
                ps.setString(7, ip);
                // 返回值
                ps.registerOutParameter(8, java.sql.Types.VARCHAR);
                ps.execute();
                String ide = (String) ps.getObject(8);
                StringBuffer sbSql2 = new StringBuffer();
                sbSql2.append("SELECT * FROM (\n");
                sbSql2.append("SELECT RECORD_ID, USER_ID, ATTRIBUTE_01\n");
                sbSql2.append("    FROM LANTOP_SOLR_INDEX_AUTH T\n");
                sbSql2.append("   WHERE T.IDENTIF = '" + ide + "'\n");
                sbSql2.append("    GROUP BY RECORD_ID, USER_ID, ATTRIBUTE_01)\n");
                sbSql2.append("     ORDER BY RECORD_ID");
                List<Map<String, Object>> relationList = this.jdbcAvicit.getJdbcTemplate().queryForList(sbSql2.toString());
                String tempRecordId = "";
                String secRecordId = "";
                int conIndex = 0;
                String userIds = "";
                String rlRecordId = "";
                String rlUserId = "";
                StringBuffer recordBuffer = new StringBuffer();
                String key = "";
                for (int j = 0; j < relationList.size(); j++) {
                    Map<String, Object> rlmap = relationList.get(j);
                    rlRecordId = (String) rlmap.get("RECORD_ID");
                    if (conIndex == 0) {
                        secRecordId = rlRecordId;
                    }
                    tempRecordId = rlRecordId;
                    rlUserId = (String) rlmap.get("USER_ID");
                    if (!secRecordId.equals(tempRecordId) || conIndex == relationList.size()) {
                        if (recordBuffer.length() == 0) {
                            key = (String) rlmap.get("ATTRIBUTE_01");
                            recordBuffer.append(rlUserId + ",");
                        }
                        userIds = recordBuffer.substring(0, recordBuffer.length() - 1);
                        Map<String, Object> childMap = new HashMap<String, Object>();
                        childMap.put(key, userIds);
                        tmMap.put(secRecordId, childMap);
                        j = j - 1;
                        secRecordId = rlRecordId;
                        recordBuffer.setLength(0);
                        continue;
                    } else {
                        key = (String) rlmap.get("ATTRIBUTE_01");
                        recordBuffer.append(rlUserId + ",");
                        conIndex++;
                    }
                    if (j == relationList.size() - 1) {
                        userIds = recordBuffer.substring(0, recordBuffer.length() - 1);
                        Map<String, Object> childMap = new HashMap<String, Object>();
                        childMap.put(key, userIds);
                        tmMap.put(secRecordId, childMap);
                    }
                }
                StringBuffer sbSql3 = new StringBuffer();
                sbSql3.append(" DELETE FROM LANTOP_SOLR_INDEX_AUTH WHERE IDENTIF = '" + ide + "'");
                this.jdbcAvicit.getJdbcTemplate().execute(sbSql3.toString());
            } catch (Exception e) {
                e.printStackTrace();
                try {
                    if (ps != null) {
                        ps.close();
                    }
                    if (conn != null) {
                        conn.close();
                    }
                } catch (Exception e1) {
                    e1.printStackTrace();
                }
            } finally {
                if (ps != null) {
                    ps.close();
                }
                if (conn != null) {
                    conn.close();
                }
            }
        }
        // 判断是否进入全文权限过程
        if ("1".equals(flag) || (null != qwNodes && !"".equals(qwNodes) && !"null".equals(qwNodes))) {
            Connection conn1 = this.hibernateDao.getSession().connection();
            CallableStatement ps1 = null;
            try {
                ps1 = conn1.prepareCall("call lantop_auth.LANTOP_GET_RECORD_QW_AUTH_USER(?,?,?,?,?,?,?,?)");
                ps1.setString(1, orgId);
                ps1.setString(2, sysId);
                ps1.setString(3, deptId);
                ps1.setString(4, qwNodes);
                ps1.setString(5, secretFlag);
                ps1.setString(6, userId);
                ps1.setString(7, ip);
                // 返回值
                ps1.registerOutParameter(8, java.sql.Types.VARCHAR);
                ps1.execute();
                String ide = (String) ps1.getObject(8);

                StringBuffer sbSql3 = new StringBuffer();
                sbSql3.append("WITH T1 AS\n");
                sbSql3.append(" (SELECT RECORD_ID, USER_ID, ATTRIBUTE_01\n");
                sbSql3.append("    FROM LANTOP_SOLR_INDEX_AUTH_QW T\n");
                sbSql3.append("   WHERE T.IDENTIF = '" + ide + "' GROUP BY RECORD_ID, USER_ID, ATTRIBUTE_01)\n");
                sbSql3.append("SELECT *\n");
                sbSql3.append("  FROM T1\n");
                sbSql3.append(" ORDER BY RECORD_ID ");
                List<Map<String, Object>> relationList = this.jdbcAvicit.getJdbcTemplate().queryForList(sbSql3.toString());
                String tempRecordId = "";
                String secRecordId = "";
                int conIndex = 0;
                String userIds = "";
                String rlRecordId = "";
                String rlUserId = "";
                StringBuffer recordBuffer = new StringBuffer();
                String key = "";
                for (int j = 0; j < relationList.size(); j++) {
                    Map<String, Object> rlmap = relationList.get(j);
                    rlRecordId = (String) rlmap.get("RECORD_ID");
                    if (conIndex == 0) {
                        secRecordId = rlRecordId;
                    }
                    tempRecordId = rlRecordId;
                    rlUserId = (String) rlmap.get("USER_ID");
                    if (!secRecordId.equals(tempRecordId) || conIndex == relationList.size()) {
                        if (recordBuffer.length() == 0) {
                            key = (String) rlmap.get("ATTRIBUTE_01");
                            recordBuffer.append(rlUserId + ",");
                        }
                        userIds = recordBuffer.substring(0, recordBuffer.length() - 1);
                        Map<String, Object> childMap = new HashMap<String, Object>();
                        childMap.put(key, userIds);
                        tmMap.put(secRecordId, childMap);
                        j = j - 1;
                        secRecordId = rlRecordId;
                        recordBuffer.setLength(0);
                        continue;
                    } else {
                        key = (String) rlmap.get("ATTRIBUTE_01");
                        recordBuffer.append(rlUserId + ",");
                        conIndex++;
                    }
                    if (j == relationList.size() - 1) {
                        userIds = recordBuffer.substring(0, recordBuffer.length() - 1);
                        Map<String, Object> childMap = new HashMap<String, Object>();
                        childMap.put(key, userIds);
                        tmMap.put(secRecordId, childMap);
                    }
                }
                StringBuffer sbSql4 = new StringBuffer();
                sbSql4.append(" DELETE FROM LANTOP_SOLR_INDEX_AUTH_QW WHERE IDENTIF = '" + ide + "'");
                this.jdbcAvicit.getJdbcTemplate().execute(sbSql4.toString());
            } catch (Exception e) {
                e.printStackTrace();
                try {
                    if (ps1 != null) {
                        ps1.close();
                    }
                    if (conn1 != null) {
                        conn1.close();
                    }
                } catch (Exception e1) {
                    e1.printStackTrace();
                }
            } finally {
                if (ps1 != null) {
                    ps1.close();
                }
                if (conn1 != null) {
                    conn1.close();
                }
            }
        }
        allMap.putAll(tmMap);
        allMap.putAll(qwMap);
        return allMap;
    }

    /**
     * 获取我的利用可以访问的节点集合
     *
     * @param param orgId（组织ID），sysId（系统标识ID），userId（当前登录用户ID）
     * @return List<Map < String, Object>> key : RES_CODE, value : nodeId
     * @throws Exception
     */
    @Override
    public List<Map<String, Object>> getUseNodes(Map<String, Object> param) throws Exception {
        String sysId = (String) param.get("sysId");
        String orgId = (String) param.get("orgId");
        String orgIdentity = "";
        if (null != param && param.containsKey("orgIdentity")) {
            orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
            if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                orgIdentity = orgId;
            }
        } else {
            orgIdentity = orgId;
        }
        String userId = (String) param.get("userId");
        StringBuffer sbSql = new StringBuffer();
        // 角色维度
        sbSql.append("SELECT LUASE.RES_CODE ");
        sbSql.append("  FROM LANTOP_USER_AUTH_SET_EXTEND LUASE ");
        sbSql.append("  LEFT JOIN CBB_AUTH_RESOURCE CAR ");
        sbSql.append("    ON CAR.ID = LUASE.CBB_AUTH_RESOURCE_ID ");
        sbSql.append(" WHERE INSTR(LUASE.REL_TARGET_NAME, '利用管理员') > 0 ");
        sbSql.append("   AND CAR.SYS_ID = '" + sysId + "' ");
        sbSql.append("   AND CAR.ORG_ID = '" + orgId + "' ");
        sbSql.append("  	AND EXISTS(");
        sbSql.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T  ");
        sbSql.append("                   WHERE T.SYS_ROLE_ID = CAR.TARGET_ID  ");
        sbSql.append("     				AND T.SYS_USER_ID = '" + userId + "'");
        sbSql.append("     		  ) ");
        sbSql.append("   AND CAR.TARGET_TYPE = '1' ");
        sbSql.append("UNION ALL ");

        // 部门维度
        sbSql.append("SELECT LUASE.RES_CODE ");
        sbSql.append("  FROM LANTOP_USER_AUTH_SET_EXTEND LUASE ");
        sbSql.append("  LEFT JOIN CBB_AUTH_RESOURCE CAR ");
        sbSql.append("    ON CAR.ID = LUASE.CBB_AUTH_RESOURCE_ID ");
        sbSql.append(" WHERE INSTR(LUASE.REL_TARGET_NAME, '利用管理员') > 0 ");
        sbSql.append("   AND CAR.SYS_ID = '" + sysId + "' ");
        sbSql.append("   AND CAR.ORG_ID = '" + orgId + "' ");
        sbSql.append("  	AND EXISTS(");
        sbSql.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        sbSql.append("                   WHERE T.DEPT_ID = CAR.TARGET_ID  ");
        sbSql.append("     				AND T.USER_ID = '" + userId + "'");
        sbSql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql.append("     		  ) ");
        sbSql.append("   AND CAR.TARGET_TYPE = '2' ");
        sbSql.append("UNION ALL ");

        // 用户维度
        sbSql.append("SELECT LUASE.RES_CODE ");
        sbSql.append("  FROM LANTOP_USER_AUTH_SET_EXTEND LUASE ");
        sbSql.append("  LEFT JOIN CBB_AUTH_RESOURCE CAR ");
        sbSql.append("    ON CAR.ID = LUASE.CBB_AUTH_RESOURCE_ID ");
        sbSql.append(" WHERE INSTR(LUASE.REL_TARGET_NAME, '利用管理员') > 0 ");
        sbSql.append("   AND CAR.SYS_ID = '" + sysId + "' ");
        sbSql.append("   AND CAR.ORG_ID = '" + orgId + "' ");
        sbSql.append("   AND CAR.TARGET_ID = '" + userId + "' ");
        sbSql.append("   AND CAR.TARGET_TYPE = '3' ");
        sbSql.append("UNION ALL ");

        // 岗位维度
        sbSql.append("SELECT LUASE.RES_CODE ");
        sbSql.append("  FROM LANTOP_USER_AUTH_SET_EXTEND LUASE ");
        sbSql.append("  LEFT JOIN CBB_AUTH_RESOURCE CAR ");
        sbSql.append("    ON CAR.ID = LUASE.CBB_AUTH_RESOURCE_ID ");
        sbSql.append(" WHERE INSTR(LUASE.REL_TARGET_NAME, '利用管理员') > 0 ");
        sbSql.append("   AND CAR.SYS_ID = '" + sysId + "' ");
        sbSql.append("   AND CAR.ORG_ID = '" + orgId + "' ");
        sbSql.append("  	AND EXISTS(");
        sbSql.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        sbSql.append("                   WHERE T.POSITION_ID = CAR.TARGET_ID  ");
        sbSql.append("     				AND T.USER_ID = '" + userId + "'");
        sbSql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql.append("     		  ) ");
        sbSql.append("   AND CAR.TARGET_TYPE = '4' ");
        List<Map<String, Object>> list = this.jdbcAvicit.queryForMap(sbSql.toString(), null);
        return list;
    }

    /**
     * 根据节点ID删除权限数据
     *
     * @param param              orgId（组织ID），deptId（部门ID）,sysId（系统标识ID）
     * @param Map<String,Object> nodeIds (key："nodeId", Object:节点值)
     * @throws Exception void
     * @author 郭亮
     * 变更： 20160810 接口变更 王志鹏
     */
    @Override
    public void deleteAuthByNodeIdByIntfs(String orgId, String deptId, String sysId, Map<String, Object> nodeIds) throws Exception {
        String nodeId = nodeIds.get("nodeId").toString();
        StringBuffer sbSql = new StringBuffer();
        sbSql.append("SELECT R.ID\n");
        sbSql.append("  FROM CBB_AUTH_RESOURCE R\n");
        sbSql.append(" WHERE R.ORG_ID = '" + orgId + "'\n");
        sbSql.append("   AND R.DEPT_ID = '" + deptId + "'\n");
        sbSql.append("   AND R.SYS_ID = '" + sysId + "'");
        sbSql.append("   AND R.CODE LIKE '" + nodeId + "%'\n");
        List<Map<String, Object>> list = this.jdbcAvicit.queryForMap(sbSql.toString(), null);
        String Ids = "";
        for (int i = 0; i < list.size(); i++) {
            Ids += "'" + list.get(i).get("ID").toString() + "'";
            if (i != list.size() - 1) {
                Ids += ",";
            }
        }
        if (!"".equals(Ids)) {
            String sbSql2 = "DELETE FROM LANTOP_QUALIFICATION_DETAIL D WHERE D.CBB_AUTH_RESOURCE_ID IN( " + Ids + ")";
            this.jdbcAvicit.getJdbcTemplate().execute(sbSql2);

            StringBuffer sbSql3 = new StringBuffer();
            sbSql3.append("DELETE FROM LANTOP_USER_AUTH_SET_EXTEND E\n");
            sbSql3.append("  WHERE E.ORG_ID = '" + orgId + "'\n");
            sbSql3.append("    AND E.DEPT_ID = '" + deptId + "'\n");
            sbSql3.append("    AND E.SYS_ID = '" + sysId + "'");
            sbSql3.append("    AND E.RES_CODE LIKE '" + nodeId + "%'\n");
            this.jdbcAvicit.getJdbcTemplate().execute(sbSql3.toString());

            StringBuffer sbSql4 = new StringBuffer();
            sbSql4.append("DELETE FROM LANTOP_USER_AUTH_EXTEND_DATA T\n");
            sbSql4.append(" WHERE T.ORG_ID = '" + orgId + "'\n");
            sbSql4.append("   AND T.DEPT_ID = '" + deptId + "'\n");
            sbSql4.append("   AND T.SYS_ID = '" + sysId + "'");
            sbSql4.append("   AND T.ARCHIVE_CLASS_ID = '" + nodeId + "'\n");
            this.jdbcAvicit.getJdbcTemplate().execute(sbSql4.toString());

            StringBuffer sbSql5 = new StringBuffer();
            sbSql5.append("DELETE FROM CBB_AUTH_RESOURCE R\n");
            sbSql5.append(" WHERE R.ORG_ID = '" + orgId + "'\n");
            sbSql5.append("   AND R.DEPT_ID = '" + deptId + "'\n");
            sbSql5.append("   AND R.SYS_ID = '" + sysId + "'");
            sbSql5.append("   AND R.CODE LIKE '" + nodeId + "%'\n");
            this.jdbcAvicit.getJdbcTemplate().execute(sbSql5.toString());
        }
    }

    /**
     * 获取密级权限控制信息
     *
     * @param param
     * @return
     * @throws Exception
     */
    @Override
    public String getMjSysConfigByIntfs(Map<String, Object> param) throws Exception {
        StringBuffer sbSql = new StringBuffer();
        sbSql.append(" SELECT CONFIG_KEY_VALUE FROM LANTOP_SYS_CONFIG WHERE CONFIG_KEY_CODE = 'LANTOP_SM_CODE'");
        List<Map<String, Object>> list = this.jdbcAvicit.queryForMap(sbSql.toString(), null);
        if (null == list || list.size() == 0) {
            return "1";
        }
        return (String) list.get(0).get("CONFIG_KEY_VALUE");
    }

    /**
     * 获取密级权限控制信息
     *
     * @param param
     * @return
     * @throws Exception
     */
    @Override
    public String getMjCheckConfigByIntfs(Map<String, Object> param) throws Exception {
        StringBuffer sbSql = new StringBuffer();
        sbSql.append(" SELECT ATTRIBUTE_08 FROM LANTOP_SYS_CONFIG WHERE CONFIG_KEY_CODE = 'LANTOP_SM_CODE'");
        List<Map<String, Object>> list = this.jdbcAvicit.queryForMap(sbSql.toString(), null);
        if (null == list || list.size() == 0) {
            return "1";
        }
        return (String) list.get(0).get("ATTRIBUTE_08");
    }

    /**
     * 获取用户最大密级
     *
     * @param userId
     * @return
     * @throws Exception String
     * @throws
     */
    @Override
    public String getUserMaxSecretLevel(String userId) throws Exception {
        SysUser su = sysUserAPI.getSysUserById(userId);
        String secretLevel = su.getSecretLevel();
        // 密级控制
        String sysConfig = this.getMjSysConfigByIntfs(null); // 2为启用目录密级权限控制,4为目录和全文都控制
        if ("2".equals(sysConfig) || "3".equals(sysConfig) || "4".equals(sysConfig)) {
            // 获取当前登陆用户最大文档密级
            List<String> secrets = new ArrayList<String>();
            // 获取文档密级
            Collection<SysLookupSimpleVo> fileSecretList = upLoader.getLookUpListByType("PLATFORM_FILE_SECRET_LEVEL");
            Iterator<SysLookupSimpleVo> iter = fileSecretList.iterator();
            while (iter.hasNext()) {
                SysLookupSimpleVo sysLookupSimpleVo = iter.next();
                boolean isHave = upLoader.isRelation(sysLookupSimpleVo.getLookupCode(), secretLevel + "");
                if (isHave) {
                    secrets.add(sysLookupSimpleVo.getLookupCode());
                }
            }
            int maxSecret = -1;
            if (secrets.size() > 0) {
                for (int k = 0; k < secrets.size() - 1; k++) {
                    for (int x = 1; x < secrets.size() - k; x++) {
                        int temp;
                        if ((secrets.get(x - 1)).compareTo(secrets.get(x)) > 0) { // 比较两个整数的大小
                            temp = Integer.parseInt(secrets.get(x - 1));
                            secrets.set((x - 1), secrets.get(x));
                            secrets.set(x, temp + "");
                        }
                    }
                }
                // 最大文档密级
                maxSecret = Integer.parseInt(secrets.get(secrets.size() - 1));
            }
            secretLevel = maxSecret + "";
        } else {
            // 获取当前登陆用户最大文档密级
            List<String> secrets = new ArrayList<String>();
            // 获取文档密级
            Collection<SysLookupSimpleVo> fileSecretList = upLoader.getLookUpListByType("CBB_SECRET");
            Iterator<SysLookupSimpleVo> iter = fileSecretList.iterator();
            while (iter.hasNext()) {
                SysLookupSimpleVo sysLookupSimpleVo = iter.next();
                secrets.add(sysLookupSimpleVo.getLookupCode());
            }
            int maxSecret = -1;
            if (secrets.size() > 0) {
                for (int k = 0; k < secrets.size() - 1; k++) {
                    for (int x = 1; x < secrets.size() - k; x++) {
                        int temp;
                        if ((secrets.get(x - 1)).compareTo(secrets.get(x)) > 0) { // 比较两个整数的大小
                            temp = Integer.parseInt(secrets.get(x - 1));
                            secrets.set((x - 1), secrets.get(x));
                            secrets.set(x, temp + "");
                        }
                    }
                }
                // 最大密级
                maxSecret = Integer.parseInt(secrets.get(secrets.size() - 1));
            }
            secretLevel = maxSecret + "";
        }
        return secretLevel;
    }

    /**
     * 判断用户是否有当前节点或者条目或者全文的浏览权限
     *
     * @param param
     * @return
     * @throws Exception boolean
     * @throws
     */
    @Override
    public Map<String, Object> checkUserHaveAuthByParamByIntfs(Map<String, Object> param) throws Exception {
        Map<String, Object> map = new HashMap<String, Object>();
        map.put("isHave", "false");
        String orgId = "";
        if (param.containsKey("orgId")) {
            orgId = (String) param.get("orgId");
        }
        String sysId = "";
        if (param.containsKey("sysId")) {
            sysId = (String) param.get("sysId");
        }
        String userId = "";
        if (param.containsKey("userId")) {
            userId = (String) param.get("userId");
        }
        String nodeId = "";
        if (param.containsKey("nodeId")) {
            nodeId = (String) param.get("nodeId");
        }
        String recordId = "";
        if (param.containsKey("recordId")) {
            recordId = (String) param.get("recordId");
        }
        String authFlag = "";
        if (param.containsKey("authFlag")) {
            authFlag = (String) param.get("authFlag");
        }

        String orgIdentity = "";
        if (null != param && param.containsKey("orgIdentity")) {
            orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
        }

        // 获取条目或全文可浏览节点集合
        StringBuffer sbSql = new StringBuffer();
        sbSql.append("select car.*\n");
        sbSql.append("  from cbb_auth_resource car\n");
        sbSql.append("  left join lantop_archive_class lac\n");
        sbSql.append("    on lac.id = car.code\n");
        sbSql.append(" where ( car.target_id = '" + userId + "' ");
        sbSql.append("  OR  EXISTS (SELECT SYS_ROLE_ID ROLE_ID  FROM SYS_USER_ROLE  WHERE CAR.TARGET_ID = SYS_ROLE_ID AND SYS_USER_ID = '" + userId + "' AND ORG_IDENTITY = '" + orgIdentity + "')");
        sbSql.append("   OR EXISTS ( SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V   WHERE CAR.TARGET_ID = DEPT_ID AND USER_ID = '" + userId + "' AND ORG_IDENTITY = '" + orgIdentity + "' ) ");
        sbSql.append("   OR EXISTS ( SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V   WHERE CAR.TARGET_ID  = POSITION_ID AND USER_ID = '" + userId + "' AND ORG_IDENTITY = '" + orgIdentity + "' )");
        sbSql.append(" )");
        sbSql.append("   and lac.archive_class_node_type = '2'\n");
        sbSql.append("   and car.auth_service_id = 'LANTOP_AUTH_SERVER_USERSET'\n");
        sbSql.append("   and car.org_id = '" + orgId + "'\n");
        sbSql.append("   and car.sys_id = '" + sysId + "'");
        sbSql.append("   and car.code = '" + nodeId + "'");
        if ("tm".equals(authFlag)) {
            sbSql.append("   and substr(car.operate_auth, 1, 1) = '1'");
        } else if ("qw".equals(authFlag)) {
            sbSql.append("   and substr(car.operate_auth, 3, 1) = '1'");
        } else {
            sbSql.append("");
        }
        List<Map<String, Object>> list = this.jdbcAvicit.getJdbcTemplate().queryForList(sbSql.toString());
        // 如果size大于0,表示有权限浏览当前节点
        if (list.size() > 0) {
            // 再进行判断该条目是否有限制条件
            // 获取限制条件权限集合
            StringBuffer sbSqlXz = new StringBuffer();
            sbSqlXz.append("SELECT t.*\n");
            sbSqlXz.append("  FROM CBB_AUTH_RESOURCE CART\n");
            sbSqlXz.append(" WHERE CART.ORG_ID = '" + orgId + "'\n");
            sbSqlXz.append("   AND CART.SYS_ID = '" + sysId + "'\n");

            // 用户维度
            sbSqlXz.append(" AND ((CART.TARGET_ID = '" + userId + "'  ");
            sbSqlXz.append("                 AND CART.TARGET_TYPE = '3' ) ");
            // 角色维度
            sbSqlXz.append("  OR ( ");
            sbSqlXz.append("  	  CART.TARGET_TYPE = '1' ");
            sbSqlXz.append("  	AND EXISTS(");
            sbSqlXz.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T  ");
            sbSqlXz.append("                   WHERE T.SYS_ROLE_ID = CART.TARGET_ID  ");
            sbSqlXz.append("     				AND T.SYS_USER_ID = '" + userId + "'");
            sbSqlXz.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
            sbSqlXz.append("     		  ) ");
            sbSqlXz.append("     ) ");

            // 部门维度
            sbSqlXz.append("  OR ( ");
            sbSqlXz.append("  	  CART.TARGET_TYPE = '2' ");
            sbSqlXz.append("  	AND EXISTS(");
            sbSqlXz.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
            sbSqlXz.append("                   WHERE T.DEPT_ID = CART.TARGET_ID  ");
            sbSqlXz.append("     				AND T.USER_ID = '" + userId + "'");
            sbSqlXz.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
            sbSqlXz.append("     		  ) ");
            sbSqlXz.append("     ) ");

            // 岗位维度
            sbSqlXz.append("  OR ( ");
            sbSqlXz.append("  	  CART.TARGET_TYPE = '4' ");
            sbSqlXz.append("  	AND EXISTS(");
            sbSqlXz.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
            sbSqlXz.append("                   WHERE T.POSITION_ID = CART.TARGET_ID  ");
            sbSqlXz.append("     				AND T.USER_ID = '" + userId + "'");
            sbSqlXz.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
            sbSqlXz.append("     		  ) ");
            sbSqlXz.append("     )) ");

            sbSqlXz.append("   AND SUBSTR(CART.CODE, 0, INSTR(CART.CODE, '_') - 1) = '" + nodeId + "'\n");
            sbSqlXz.append("   AND CART.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET'\n");
            sbSqlXz.append("   AND CART.OPERATE_AUTH = '1'\n");
            if ("tm".equals(authFlag)) {
                sbSqlXz.append("   AND CART.ACTION_TYPE = 'A1'");
            } else if ("qw".equals(authFlag)) {
                sbSqlXz.append("   AND CART.ACTION_TYPE = 'A2'");
            } else {
                sbSql.append("");
            }
            List<Map<String, Object>> xzList = this.jdbcAvicit.getJdbcTemplate().queryForList(sbSqlXz.toString());
            if (xzList.size() > 0) {
                StringBuffer authSql = new StringBuffer();
                for (int i = 0; i < xzList.size(); i++) {
                    Map<String, Object> xzMap = xzList.get(i);
                    if (i > 0) {
                        authSql.append(" OR ");
                    }
                    authSql.append(xzMap.get("DATA_AUTH"));
                }
                map.put("isHave", "xz");
                map.put("authSql", " AND (" + authSql + ")");
            } else {
                map.put("isHave", "true");
            }
        } else { // 如果没有当前节点浏览权限,则判断该条目是否有开放条件
            if (!"".equals(recordId)) {
                // 开放条件
                StringBuffer sbSqlKf = new StringBuffer();
                sbSqlKf.append("SELECT T.*\n");
                sbSqlKf.append("  FROM LANTOP_USER_AUTH_EXTEND_DATA T\n");
                sbSqlKf.append(" WHERE T.ORG_ID = '" + orgId + "'\n");
                sbSqlKf.append("   AND T.SYS_ID = '" + sysId + "'\n");
                sbSqlKf.append("   AND T.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET'\n");
                if ("tm".equals(authFlag)) {
                    sbSqlKf.append("   AND T.OPERATE_AUTH LIKE '1,%'\n");
                } else if ("qw".equals(authFlag)) {
                    sbSqlKf.append("   AND T.OPERATE_AUTH LIKE '1,1,%'\n");
                } else {
                    sbSqlKf.append("");
                }
                sbSqlKf.append("   AND (T.START_DATE <=\n");
                sbSqlKf.append("       TO_DATE(TO_CHAR(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR\n");
                sbSqlKf.append("       T.START_DATE IS NULL)\n");
                sbSqlKf.append("   AND (T.END_DATE >= TO_DATE(TO_CHAR(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR\n");
                sbSqlKf.append("       T.END_DATE IS NULL)\n");

                // 用户维度
                sbSqlKf.append(" AND ((T.TARGET_ID = '" + userId + "'  ");
                sbSqlKf.append("                 AND T.TARGET_TYPE = '3' ) ");
                // 角色维度
                sbSqlKf.append("  OR ( ");
                sbSqlKf.append("  	  T.TARGET_TYPE = '1' ");
                sbSqlKf.append("  	AND EXISTS(");
                sbSqlKf.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T1  ");
                sbSqlKf.append("                   WHERE T1.SYS_ROLE_ID = T.TARGET_ID  ");
                sbSqlKf.append("     				AND T1.SYS_USER_ID = '" + userId + "'");
                sbSqlKf.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
                sbSqlKf.append("     		  ) ");
                sbSqlKf.append("     ) ");

                // 部门维度
                sbSqlKf.append("  OR ( ");
                sbSqlKf.append("  	  T.TARGET_TYPE = '2' ");
                sbSqlKf.append("  	AND EXISTS(");
                sbSqlKf.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T1 ");
                sbSqlKf.append("                   WHERE T1.DEPT_ID = T.TARGET_ID  ");
                sbSqlKf.append("     				AND T1.USER_ID = '" + userId + "'");
                sbSqlKf.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
                sbSqlKf.append("     		  ) ");
                sbSqlKf.append("     ) ");

                // 岗位维度
                sbSqlKf.append("  OR ( ");
                sbSqlKf.append("  	  T.TARGET_TYPE = '4' ");
                sbSqlKf.append("  	AND EXISTS(");
                sbSqlKf.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T1 ");
                sbSqlKf.append("                   WHERE T1.POSITION_ID = T.TARGET_ID  ");
                sbSqlKf.append("     				AND T1.USER_ID = '" + userId + "'");
                sbSqlKf.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
                sbSqlKf.append("     		  ) ");
                sbSqlKf.append("     )) ");

                sbSqlKf.append("   AND T.ARCHIVE_CLASS_ID = '" + nodeId + "'\n");
                sbSqlKf.append("   AND T.RES_CODE = '" + recordId + "'");
                List<Map<String, Object>> kfList = this.jdbcAvicit.getJdbcTemplate().queryForList(sbSqlKf.toString());
                if (kfList.size() > 0) {
                    map.put("isHave", "true");
                }
            }
        }
        return map;
    }

    private String getAuthSqlByConditionMap(Map<String, Object> conditionMap, String tableName) throws Exception {
        String sql = " " + conditionMap.get("ZKH") + tableName + "." + conditionMap.get("ZDM") + " ";
        if ("DY".equals(conditionMap.get("YSF"))) {
            sql += "= '" + conditionMap.get("ZHI") + "'" + conditionMap.get("YKH");
        } else if ("BDY".equals(conditionMap.get("YSF"))) {
            sql += ">= '" + conditionMap.get("ZHI") + "'" + conditionMap.get("YKH");
        } else if ("BH".equals(conditionMap.get("YSF"))) {
            sql += "LIKE '%" + conditionMap.get("ZHI") + "%'" + conditionMap.get("YKH");
        } else if ("BBH".equals(conditionMap.get("YSF"))) {
            sql += "NOT LIKE '%" + conditionMap.get("ZHI") + "%'" + conditionMap.get("YKH");
        } else if ("ZBH".equals(conditionMap.get("YSF"))) {
            sql += "LIKE '" + conditionMap.get("ZHI") + "%'" + conditionMap.get("YKH");
        } else if ("YBH".equals(conditionMap.get("YSF"))) {
            sql += "LIKE '%" + conditionMap.get("ZHI") + "'" + conditionMap.get("YKH");
        } else if ("DAY".equals(conditionMap.get("YSF"))) {
            sql += "> '" + conditionMap.get("ZHI") + "'" + conditionMap.get("YKH");
        } else if ("DYDY".equals(conditionMap.get("YSF"))) {
            sql += ">= '" + conditionMap.get("ZHI") + "'" + conditionMap.get("YKH");
        } else if ("XY".equals(conditionMap.get("YSF"))) {
            sql += "< '" + conditionMap.get("ZHI") + "'" + conditionMap.get("YKH");
        } else if ("XYDY".equals(conditionMap.get("YSF"))) {
            sql += "<= '" + conditionMap.get("ZHI") + "'" + conditionMap.get("YKH");
        } else if ("WK".equals(conditionMap.get("YSF"))) {
            sql += "IS NULL" + conditionMap.get("YKH");
        } else if ("BWK".equals(conditionMap.get("YSF"))) {
            sql += "IS NOT NULL " + conditionMap.get("YKH");
        }
        return sql;
    }

    /**
     * @param List 权限List
     * @return String
     * 多个权限取权限合集
     * @author 张余
     */
    private String getAuthIntfsAll(List<Map<String, Object>> list) {
        String[] authIntf = {"0", "0", "0", "0"};
        for (Map<String, Object> map : list) {
            String auth = map.get("OPERATE_AUTH").toString();
            String[] auths = auth.split(",");
            for (int i = 0; i < auths.length; i++) {
                if (auths[i].equals("1")) {
                    authIntf[i] = "1";
                }
            }
        }
        return StringUtil.join(authIntf, ",");

    }

    /**
     * 获得用户有浏览权限的节点
     *
     * @param param
     * @return String
     * @throws Exception String
     */
    @Override
    public String getSqlConditionByParam(Map<String, Object> param) throws Exception {
        StringBuffer sql = new StringBuffer();
        try {
            String sysId = param.get("sysId").toString();// 系统id
            String orgId = param.get("orgId").toString();// 组织id
            String orgIdentity = "";
            if (null != param && param.containsKey("orgIdentity")) {
                orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
                if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                    orgIdentity = orgId;
                }
            } else {
                orgIdentity = orgId;
            }
            String userId = param.get("userId").toString();// 用户id
            String deptId = param.get("deptId").toString();// 用户id

            // 根据用户id查询节点信息SQL
            StringBuffer node_sql = new StringBuffer();
            node_sql.append("select CART.CODE NODE_ID,CART.TARGET_ID,CART.TARGET_TYPE from CBB_AUTH_RESOURCE CART ");
            // 用户维度
            node_sql.append(" WHERE ( (CART.TARGET_ID = '" + userId + "' ");
            node_sql.append("                 AND CART.TARGET_TYPE = '3' ) ");
            // 角色维度
            node_sql.append("  OR ( ");
            node_sql.append("  	  CART.TARGET_TYPE = '1' ");
            node_sql.append("  	AND EXISTS(");
            node_sql.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T  ");
            node_sql.append("                   WHERE T.SYS_ROLE_ID = CART.TARGET_ID  ");
            node_sql.append("     				AND T.SYS_USER_ID = '" + userId + "'");
            node_sql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
            node_sql.append("     		  ) ");
            node_sql.append("     ) ");

            // 部门维度
            node_sql.append("  OR ( ");
            node_sql.append("  	  CART.TARGET_TYPE = '2' ");
            node_sql.append("  	AND EXISTS(");
            node_sql.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
            node_sql.append("                   WHERE T.DEPT_ID = CART.TARGET_ID  ");
            node_sql.append("     				AND T.USER_ID = '" + userId + "'");
            node_sql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
            node_sql.append("     		  ) ");
            node_sql.append("     ) ");

            // 岗位维度
            node_sql.append("  OR ( ");
            node_sql.append("  	  CART.TARGET_TYPE = '4' ");
            node_sql.append("  	AND EXISTS(");
            node_sql.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
            node_sql.append("                   WHERE T.POSITION_ID = CART.TARGET_ID  ");
            node_sql.append("     				AND T.USER_ID = '" + userId + "'");
            node_sql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
            node_sql.append("     		  ) ");
            node_sql.append("     )) ");

            node_sql.append(" AND CART.ORG_ID = '" + orgId + "' ");
            node_sql.append(" AND CART.SYS_ID = '" + sysId + "' ");
            node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,%' ");
            node_sql.append(" GROUP BY CART.CODE, CART.TARGET_ID, CART.TARGET_TYPE ");
            //有权限设置的节点
            List<Map<String, Object>> nodeList = this.jdbcAvicit.getJdbcTemplate().queryForList(node_sql.toString());

            //获得有权限条件信息的数据
            StringBuffer sbSql = new StringBuffer();
            sbSql.append("SELECT LQ.ZDM, LQ.QUALIFICATION_VALUE Q_VALUE, LQ.LOGIC, T1.CODE,T1.TARGET_TYPE \n");
            sbSql.append("  FROM LANTOP_QUALIFICATION_DETAIL LQ \n");
            sbSql.append("  LEFT JOIN CBB_AUTH_RESOURCE T1 \n");
            sbSql.append("    ON T1.ID = LQ.CBB_AUTH_RESOURCE_ID \n");
            sbSql.append(" WHERE T1.ORG_ID = '" + orgId + "' \n");
            sbSql.append("   AND T1.SYS_ID = '" + sysId + "' \n");
            sbSql.append("   AND ((T1.TARGET_ID = '" + userId + "' AND T1.TARGET_TYPE = '3') \n");
            sbSql.append("       OR (T1.TARGET_TYPE = '1' AND EXISTS \n");
            sbSql.append("        (SELECT SYS_ROLE_ID \n");
            sbSql.append("               FROM SYS_USER_ROLE T \n");
            sbSql.append("              WHERE T.SYS_ROLE_ID = T1.TARGET_ID \n");
            sbSql.append("                AND T.SYS_USER_ID = '" + userId + "' \n");
            sbSql.append("                AND T.ORG_IDENTITY = '" + orgIdentity + "')) \n");
            sbSql.append("       OR (T1.TARGET_TYPE = '2' AND EXISTS \n");
            sbSql.append("        (SELECT DEPT_ID \n");
            sbSql.append("               FROM BPM_DEF_USER_DEPT_POSITION_V T \n");
            sbSql.append("              WHERE T.DEPT_ID = T1.TARGET_ID \n");
            sbSql.append("                AND T.USER_ID = '" + userId + "' \n");
            sbSql.append("                AND T.ORG_IDENTITY = '" + orgIdentity + "')) \n");
            sbSql.append("       OR (T1.TARGET_TYPE = '4' AND EXISTS \n");
            sbSql.append("        (SELECT POSITION_ID \n");
            sbSql.append("               FROM BPM_DEF_USER_DEPT_POSITION_V T \n");
            sbSql.append("              WHERE T.POSITION_ID = T1.TARGET_ID \n");
            sbSql.append("                AND T.USER_ID = '" + userId + "' \n");
            sbSql.append("                AND T.ORG_IDENTITY = '" + orgIdentity + "'))) \n");
            sbSql.append("   AND T1.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' \n");
            sbSql.append("   AND T1.ACTION_TYPE = 'A1' \n");
            sbSql.append("   AND T1.OPERATE_AUTH = '1' \n");
            sbSql.append(" ORDER BY LQ.ORDER_BY \n");

            //有权限条件信息数据
            List<Map<String, Object>> whereSqlList = this.jdbcAvicit.getJdbcTemplate().queryForList(sbSql.toString());

            StringBuffer authsql = new StringBuffer();
            // 循环得到的节点
            for (int k = 0; k < nodeList.size(); k++) {
                Map<String, Object> map = nodeList.get(k);
                String nodeId = map.get("NODE_ID").toString();
                String type = map.get("TARGET_TYPE").toString();
                authsql.append(" ( LANTOP_NODE_ID = '" + nodeId + "' ");
                StringBuffer table_sql = new StringBuffer();
                table_sql.append(" SELECT T.ID,T.TABLE_NAME, ");
                table_sql.append(" CASE WHEN (  ");
                table_sql.append(" SELECT COUNT(*) FROM CBB_TAB_NODE CN ");
                table_sql.append(" WHERE CN.NODE_ID = '" + nodeId + "' ");
                table_sql.append(" ) = '1' THEN 'lantop_wjml' ");
                table_sql.append(" WHEN ( ");
                table_sql.append(" SELECT COUNT(*) FROM CBB_TAB_NODE CN ");
                table_sql.append(" WHERE CN.NODE_ID = '" + nodeId + "' ");
                table_sql.append(" ) = '2'");
                table_sql.append(" THEN DECODE( ");
                table_sql.append(" CTN.TAB_ORDER, 1, 'lantop_ajml', 2, 'lantop_wjml' ");
                table_sql.append(" ) END TAB_ORDER ");
                table_sql.append(" FROM CBB_TABLES T ");
                table_sql.append(" LEFT JOIN CBB_TAB_NODE CTN ON CTN.TABLE_ID = T.ID ");
                table_sql.append(" WHERE CTN.ORG_ID = '" + orgId + "' ");
                table_sql.append(" AND CTN.SYS_ID = '" + sysId + "' ");
                table_sql.append(" AND CTN.NODE_ID = '" + nodeId + "' ");
                List<Map<String, Object>> tableList = this.jdbcAvicit.getJdbcTemplate().queryForList(table_sql.toString());
                StringBuffer table_auth_sql = new StringBuffer();
                // 循环得到的资源表
                int j = 0;
                for (int i = 0; i < tableList.size(); i++) {
                    Map<String, Object> table = tableList.get(i);
                    String id = table.get("id").toString();
                    StringBuffer conSql = new StringBuffer();
                    String code = nodeId + "_" + id;
                    // 根据表明获得公共字段对应值
                    Map<String, String> fieldMap = getPublicColFiled(orgId, deptId, sysId, id);
                    if (null != fieldMap && fieldMap.size() != 0) {
                        StringBuffer conditionSQL = new StringBuffer();
                        for (Map<String, Object> whereSqlMap : whereSqlList) {
                            String targetType = (String) whereSqlMap.get("TARGET_TYPE");
                            String targetCode = (String) whereSqlMap.get("CODE");
                            if (type.equals(targetType) && code.equals(targetCode)) {
                                String zdm = whereSqlMap.get("ZDM").toString();
                                String value = whereSqlMap.get("Q_VALUE").toString();
                                Object logic = whereSqlMap.get("LOGIC");
                                String publicZDM = fieldMap.get(zdm);
                                if (null != publicZDM && !"".equals(publicZDM) && !"null".equals(publicZDM)) {
                                    conditionSQL.append(value.replaceAll(zdm, publicZDM));
                                    conditionSQL.append(null == logic ? "" : logic);
                                }
                            }
                        }
                        if (!conditionSQL.toString().equals("")) {
                            conSql.append(" OR (" + conditionSQL.toString() + ")");
                        }

                        if (!conSql.toString().equals("")) {
                            if (j > 0) {
                                table_auth_sql.append(" OR ");
                            }
                            table_auth_sql.append(" ( ARCHIVE_TABLE_ID = '" + id + "'");
                            table_auth_sql.append(" AND ( 1=2 " + conSql + "))");
                            j++;
                        }
                    }
                }

                if (!table_auth_sql.toString().equals("")) {
                    authsql.append(" AND ( " + table_auth_sql + " )");
                }

                if (k == nodeList.size() - 1) {
                    authsql.append(" ) ");
                } else {
                    authsql.append(" ) OR ");
                }
            }

            String sysConfig = this.getMjSysConfigByIntfs(null); // 2为启用目录密级权限控制,4为目录和全文都控制
            if ("2".equals(sysConfig) || "4".equals(sysConfig)) {
                String maxSecret = this.getUserMaxSecretLevel(userId);
                if (authsql.length() > 0) {
                    sql.append(" (MJ_CODE <= '" + maxSecret + "' OR MJ_CODE IS NULL OR MJ_CODE = '' ) AND  \n");
                }
            }
            sql.append(" (" + authsql + ")");

            // 条目sql
            // 角色维度
            //StringBuffer resCodes = new StringBuffer();
            StringBuffer sqlAuth = new StringBuffer();
            sqlAuth.append(" SELECT T.RES_CODE,T.RCD_DATA_TYPE,SA.PARENT_REGISTER_ID FROM LANTOP_USER_AUTH_EXTEND_DATA T ");
            sqlAuth.append(" LEFT JOIN CBB_DOC_RELATION CDR ON T.Res_Code = CDR.RECORD_ID ");
            sqlAuth.append(" LEFT JOIN SYS_ATTACHMENT SA ON CDR.ATTACHMENT_ID = SA.ID ");
            sqlAuth.append(" where T.ORG_ID = '" + orgId + "' ");
            sqlAuth.append(" AND T.SYS_ID = '" + sysId + "' ");

            // 用户维度
            sqlAuth.append(" AND ((T.TARGET_ID = '" + userId + "'  ");
            sqlAuth.append("                 AND T.TARGET_TYPE = '3' ) ");
            // 角色维度
            sqlAuth.append("  OR ( ");
            sqlAuth.append("  	  T.TARGET_TYPE = '1' ");
            sqlAuth.append("  	AND EXISTS(");
            sqlAuth.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T1  ");
            sqlAuth.append("                   WHERE T1.SYS_ROLE_ID = T.TARGET_ID  ");
            sqlAuth.append("     				AND T1.SYS_USER_ID = '" + userId + "'");
            sqlAuth.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
            sqlAuth.append("     		  ) ");
            sqlAuth.append("     ) ");

            // 部门维度
            sqlAuth.append("  OR ( ");
            sqlAuth.append("  	  T.TARGET_TYPE = '2' ");
            sqlAuth.append("  	AND EXISTS(");
            sqlAuth.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T1 ");
            sqlAuth.append("                   WHERE T1.DEPT_ID = T.TARGET_ID  ");
            sqlAuth.append("     				AND T1.USER_ID = '" + userId + "'");
            sqlAuth.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
            sqlAuth.append("     		  ) ");
            sqlAuth.append("     ) ");

            // 岗位维度
            sqlAuth.append("  OR ( ");
            sqlAuth.append("  	  T.TARGET_TYPE = '4' ");
            sqlAuth.append("  	AND EXISTS(");
            sqlAuth.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T1 ");
            sqlAuth.append("                   WHERE T1.POSITION_ID = T.TARGET_ID  ");
            sqlAuth.append("     				AND T1.USER_ID = '" + userId + "'");
            sqlAuth.append("                     AND T1.ORG_IDENTITY = '" + orgIdentity + "'");
            sqlAuth.append("     		  ) ");
            sqlAuth.append("     )) ");
            // 张余----修改

            sqlAuth.append(" AND T.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' ");
            sqlAuth.append(" AND T.OPERATE_AUTH LIKE '1,%' ");
            sqlAuth.append(" AND (T.START_DATE <= to_date(to_char(SYSDATE, 'yyyy-MM-dd'),'yyyy-MM-dd') OR T.START_DATE IS NULL) ");
            sqlAuth.append(" AND (T.END_DATE >= to_date(to_char(SYSDATE, 'yyyy-MM-dd'),'yyyy-MM-dd') OR T.END_DATE IS NULL) ");


            sql.append(" OR ( EXISTS (");
            sql.append(" SELECT XS1.PARENT_REGISTER_ID LANTOP_RCD_ID  FROM ( " + sqlAuth.toString() + " ) XS1 WHERE XS1.RCD_DATA_TYPE = '0' AND XS1.PARENT_REGISTER_ID = LANTOP_RCD_ID ");
            sql.append(" UNION ALL ");
            sql.append(" SELECT XS1.RES_CODE LANTOP_RCD_ID FROM ( " + sqlAuth.toString() + " ) XS1 WHERE XS1.RCD_DATA_TYPE <> '0' AND XS1.RES_CODE = LANTOP_RCD_ID ");
            sql.append(" ) ) ");
			/*List<Map<String, Object>> authList = this.jdbcAvicit.getJdbcTemplate().queryForList(sqlAuth.toString());
			for (int j = 0; j < authList.size(); j++) {
				Map<String, Object> authMap = authList.get(j);
				String type = authMap.get("RCD_DATA_TYPE").toString();// 得到条目存储类型
				if (type.equals("0")) {// 条目类型。0：电子文件；1：文件级；2：案卷级
					resCodes.append(",'" + authMap.get("PARENT_REGISTER_ID") + "'");
				} else {
					resCodes.append(",'" + authMap.get("RES_CODE") + "'");
				}
			}

			if (resCodes.length() > 0) {
				sql.append(" OR (LANTOP_RCD_ID in (" + resCodes.toString().substring(1) + ") )");
			}*/

        } catch (Exception e) {
            e.printStackTrace();
        }
        return sql.toString();
    }

    /**
     * 根据表ID获得其对应的公共字段
     *
     * @param tableId 表ID
     * @return Map<String, String>
     * @throws Exception
     * @author youyu
     */
    private Map<String, String> getPublicColFiled(String orgId, String deptId, String sysId, String tableId) throws Exception {
        String tableName = "LANTOP_PUB_FIELD";
        List<Map<String, Object>> publicColList = commTableManagerIntfsService.getCbbTableAndColumnsByTabNameByIntfs(orgId, deptId, sysId, tableName); // 公共字段列信息

        Map<String, String> mapResult = new HashMap<String, String>();
        StringBuffer query = new StringBuffer();
        query.append("SELECT FT.SOURCE_FIELD_NAME_EN S_FIELD,FT.TGT_FIELD_NAME_EN T_FIELD \n");
        query.append("  FROM LANTOP_FIELD_RELATE_SET_ITEM FT \n");
        query.append("  LEFT JOIN LANTOP_FIELD_RELATE_SET F \n");
        query.append("    ON F.ID = FT.LANTOP_FIELD_RELATE_SET_ID \n");
        query.append(" WHERE F.SOURCE_TABLE_ID = '" + tableId + "' \n");
        List<Map<String, Object>> authList = this.jdbcAvicit.getJdbcTemplate().queryForList(query.toString());
        for (Map<String, Object> map : authList) {
            String s_field = null == map.get("S_FIELD") ? "" : map.get("S_FIELD").toString();
            String t_field = null == map.get("T_FIELD") ? "" : map.get("T_FIELD").toString();
            if (s_field.equals("") || t_field.equals("")) {
                continue;
            }
            for (Map<String, Object> m : publicColList) {
                Object colField = m.get("COL_NAME");
                if (colField == null || colField.equals("")) {
                    continue;
                } else {
                    if (!colField.equals(t_field)) {
                        continue;
                    }
                }
                Object colType = m.get("COL_DROPDOWN_TYPE");
                if (colType != null && !colType.equals("")) {
                    if (colType.equals("1") || colType.equals("2")) {
                        t_field = t_field + "_CODE";
                    }
                }
            }

            mapResult.put(s_field, t_field);
        }
        return mapResult;
    }

    /**
     * 根据数据ID和表ID获得其全文条件SQL
     *
     * @throws Exception
     */
    private String getQWauthSql(String tableId, String nodeId, String orgId, String sysId, String userId, String orgIdentity) throws Exception {
        StringBuffer authsql = new StringBuffer();
        // 根据用户id查询节点信息SQL
        StringBuffer node_sql = new StringBuffer();
        node_sql.append("SELECT CART.TARGET_ID,CART.TARGET_TYPE FROM CBB_AUTH_RESOURCE CART ");
        node_sql.append(" WHERE CART.ORG_ID = '" + orgId + "' ");
        node_sql.append(" AND CART.SYS_ID = '" + sysId + "' ");
        node_sql.append(" AND CART.CODE = '" + nodeId + "'");
        node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,1,%' ");

        // 用户维度
        node_sql.append(" AND ((CART.TARGET_ID = '" + userId + "'  ");
        node_sql.append("                 AND CART.TARGET_TYPE = '3' ) ");
        // 角色维度
        node_sql.append("  OR ( ");
        node_sql.append("  	  CART.TARGET_TYPE = '1' ");
        node_sql.append("  	AND EXISTS(");
        node_sql.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T  ");
        node_sql.append("                   WHERE T.SYS_ROLE_ID = CART.TARGET_ID  ");
        node_sql.append("     				AND T.SYS_USER_ID = '" + userId + "'");
        node_sql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        node_sql.append("     		  ) ");
        node_sql.append("     ) ");

        // 部门维度
        node_sql.append("  OR ( ");
        node_sql.append("  	  CART.TARGET_TYPE = '2' ");
        node_sql.append("  	AND EXISTS(");
        node_sql.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        node_sql.append("                   WHERE T.DEPT_ID = CART.TARGET_ID  ");
        node_sql.append("     				AND T.USER_ID = '" + userId + "'");
        node_sql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        node_sql.append("     		  ) ");
        node_sql.append("     ) ");

        // 岗位维度
        node_sql.append("  OR ( ");
        node_sql.append("  	  CART.TARGET_TYPE = '4' ");
        node_sql.append("  	AND EXISTS(");
        node_sql.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        node_sql.append("                   WHERE T.POSITION_ID = CART.TARGET_ID  ");
        node_sql.append("     				AND T.USER_ID = '" + userId + "'");
        node_sql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        node_sql.append("     		  ) ");
        node_sql.append("     )) ");
        // 张余----修改

        node_sql.append(" GROUP BY CART.TARGET_ID, CART.TARGET_TYPE ");
        List<Map<String, Object>> nodeList = this.jdbcAvicit.getJdbcTemplate().queryForList(node_sql.toString());
        StringBuffer conSql = new StringBuffer();
        StringBuffer user_sql;
        List<Map<String, Object>> roleList;
        for (Map<String, Object> map : nodeList) {
            String type = map.get("TARGET_TYPE").toString();
            String targetId = map.get("TARGET_ID").toString();
            if (type.equals("1")) {
                user_sql = new StringBuffer();
                // 获得角色条件sql
                user_sql.append("SELECT T.DATA_AUTH \n");
                user_sql.append("  FROM CBB_AUTH_RESOURCE T \n");
                user_sql.append(" WHERE T.ORG_ID = '" + orgId + "' ");
                user_sql.append(" AND T.SYS_ID = '" + sysId + "' ");
                user_sql.append(" AND T.TARGET_TYPE = '1' ");
                user_sql.append(" AND T.TARGET_ID = '" + targetId + "' ");
                user_sql.append(" AND T.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' ");
                user_sql.append(" AND T.ACTION_TYPE = 'A2' ");
                user_sql.append(" AND T.OPERATE_AUTH = '1' ");
                user_sql.append(" AND T.CODE = '" + nodeId + "_" + tableId + "' ");
                roleList = this.jdbcAvicit.getJdbcTemplate().queryForList(user_sql.toString());
                if (roleList.size() > 0) {
                    conSql.append(" OR (" + roleList.get(0).get("DATA_AUTH") + ")");

                }
            }
            // 用户维度
            if (type.equals("3")) {
                user_sql = new StringBuffer();
                // 获得角色条件sql
                user_sql.append("SELECT T.DATA_AUTH \n");
                user_sql.append("  FROM CBB_AUTH_RESOURCE T \n");
                user_sql.append(" WHERE T.ORG_ID = '" + orgId + "' ");
                user_sql.append(" AND T.SYS_ID = '" + sysId + "' ");
                user_sql.append(" AND T.TARGET_TYPE = '3' ");
                user_sql.append(" AND T.TARGET_ID = '" + targetId + "' ");
                user_sql.append(" AND T.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' ");
                user_sql.append(" AND T.ACTION_TYPE = 'A2' ");
                user_sql.append(" AND T.OPERATE_AUTH = '1' ");
                user_sql.append(" AND T.CODE = '" + nodeId + "_" + tableId + "' ");
                roleList = this.jdbcAvicit.getJdbcTemplate().queryForList(user_sql.toString());
                if (roleList.size() > 0) {
                    conSql.append(" OR (" + roleList.get(0).get("DATA_AUTH") + ")");

                }
            }
            // 部门维度
            if (type.equals("2")) {
                user_sql = new StringBuffer();
                // 获得角色条件sql
                user_sql.append("SELECT T.DATA_AUTH \n");
                user_sql.append("  FROM CBB_AUTH_RESOURCE T \n");
                user_sql.append(" WHERE T.ORG_ID = '" + orgId + "' ");
                user_sql.append(" AND T.SYS_ID = '" + sysId + "' ");
                user_sql.append(" AND T.TARGET_TYPE = '2' ");
                user_sql.append(" AND T.TARGET_ID = '" + targetId + "' ");
                user_sql.append(" AND T.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' ");
                user_sql.append(" AND T.ACTION_TYPE = 'A2' ");
                user_sql.append(" AND T.OPERATE_AUTH = '1' ");
                user_sql.append(" AND T.CODE = '" + nodeId + "_" + tableId + "' ");
                roleList = this.jdbcAvicit.getJdbcTemplate().queryForList(user_sql.toString());
                if (roleList.size() > 0) {
                    conSql.append(" OR (" + roleList.get(0).get("DATA_AUTH") + ")");

                }
            }
            // 岗位维度
            if (type.equals("4")) {
                user_sql = new StringBuffer();
                // 获得角色条件sql
                user_sql.append("SELECT T.DATA_AUTH \n");
                user_sql.append("  FROM CBB_AUTH_RESOURCE T \n");
                user_sql.append(" WHERE T.ORG_ID = '" + orgId + "' ");
                user_sql.append(" AND T.SYS_ID = '" + sysId + "' ");
                user_sql.append(" AND T.TARGET_TYPE = '4' ");
                user_sql.append(" AND T.TARGET_ID = '" + targetId + "' ");
                user_sql.append(" AND T.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' ");
                user_sql.append(" AND T.ACTION_TYPE = 'A2' ");
                user_sql.append(" AND T.OPERATE_AUTH = '1' ");
                user_sql.append(" AND T.CODE = '" + nodeId + "_" + tableId + "' ");
                roleList = this.jdbcAvicit.getJdbcTemplate().queryForList(user_sql.toString());
                if (roleList.size() > 0) {
                    conSql.append(" OR (" + roleList.get(0).get("DATA_AUTH") + ")");
                }
            }
        }

        if (!conSql.toString().equals("")) {
            authsql.append(" ( 1 = 2 " + conSql.toString() + ")");
        }
        return authsql.toString();

    }

    /**
     * 获取没有权限的分类树节点ID串
     *
     * @param param 参数：orgId（组织ID）,deptId（部门ID）,sysId（系统标识ID）,targetId（授权目标ID）,targetType（授权维度标识）
     * @return String 格式：ID1,ID2
     * @throws Exception
     * @author 郭凯
     */
    @Override
    public List<String> getNotAuthArchiveId(Map<String, Object> param) throws Exception {
        String orgId = (String) param.get("orgId");
        String sysId = (String) param.get("sysId");
        String targetId = (String) param.get("targetId");
        String orgIdentity = "";
        if (null != param && param.containsKey("orgIdentity")) {
            orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
            if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                orgIdentity = orgId;
            }
        } else {
            orgIdentity = orgId;
        }

        StringBuffer sbSql = new StringBuffer();
        sbSql.append("WITH T1 AS ");
        sbSql.append(" (SELECT LAC.ORG_ID, ");
        sbSql.append("         LAC.DEPT_ID, ");
        sbSql.append("         LAC.SYS_ID, ");
        sbSql.append("         LAC.ARCHIVE_CLASS_NODE_NAME, ");
        sbSql.append("         LAC.ARCHIVE_CLASS_NODE_TYPE, ");
        sbSql.append("         LAC.ID, ");
        sbSql.append("         LAC.PARENT_ID, ");
        sbSql.append("         CARU.ID                     AS CBB_AUTH_RESOURCE_ID, ");
        sbSql.append("         CARU.AUTH_SERVICE_ID, ");
        sbSql.append("         CARU.TARGET_TYPE, ");
        sbSql.append("         CARU.TARGET_ID, ");
        sbSql.append("         CARU.CODE                   AS RES_CODE, ");
        sbSql.append("         CARU.NAME                   AS RES_NAME, ");
        sbSql.append("         CARU.ACTION_TYPE, ");
        sbSql.append("         CARU.OPERATE_AUTH, ");
        sbSql.append("         LAC.ARCHIVE_TYPE, ");
        sbSql.append("         CARU.REL_TARGET_ID, ");
        sbSql.append("         CARU.REL_TARGET_NAME ");
        sbSql.append("    FROM LANTOP_ARCHIVE_CLASS LAC ");
        sbSql.append("    LEFT JOIN (SELECT CART.ID, ");
        sbSql.append("                     CART.AUTH_SERVICE_ID, ");
        sbSql.append("                     CART.TARGET_TYPE, ");
        sbSql.append("                     CART.TARGET_ID, ");
        sbSql.append("                     CART.CODE, ");
        sbSql.append("                     CART.NAME, ");
        sbSql.append("                     CART.ACTION_TYPE, ");
        sbSql.append("                     CART.OPERATE_AUTH, ");
        sbSql.append("                     LUASE.REL_TARGET_ID, ");
        sbSql.append("                     LUASE.REL_TARGET_NAME ");
        sbSql.append("                FROM CBB_AUTH_RESOURCE CART ");
        sbSql.append("                LEFT JOIN LANTOP_USER_AUTH_SET_EXTEND LUASE ");
        sbSql.append("                  ON CART.ID = LUASE.CBB_AUTH_RESOURCE_ID ");

        // 张余----修改
        sbSql.append("                 WHERE ( ");
        // 用户维度
        sbSql.append(" (CART.TARGET_ID = '" + targetId + "'  ");
        sbSql.append("                 AND CART.TARGET_TYPE = '3' ) ");
        // 角色维度
        sbSql.append("  OR ( ");
        sbSql.append("  	  CART.TARGET_TYPE = '1' ");
        sbSql.append("  	AND EXISTS(");
        sbSql.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T  ");
        sbSql.append("                   WHERE T.SYS_ROLE_ID = CART.TARGET_ID  ");
        sbSql.append("     				AND T.SYS_USER_ID = '" + targetId + "'");
        sbSql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql.append("     		  ) ");
        sbSql.append("     ) ");

        // 部门维度
        sbSql.append("  OR ( ");
        sbSql.append("  	  CART.TARGET_TYPE = '2' ");
        sbSql.append("  	AND EXISTS(");
        sbSql.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        sbSql.append("                   WHERE T.DEPT_ID = CART.TARGET_ID  ");
        sbSql.append("     				AND T.USER_ID = '" + targetId + "'");
        sbSql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql.append("     		  ) ");
        sbSql.append("     ) ");

        // 岗位维度
        sbSql.append("  OR ( ");
        sbSql.append("  	  CART.TARGET_TYPE = '4' ");
        sbSql.append("  	AND EXISTS(");
        sbSql.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        sbSql.append("                   WHERE T.POSITION_ID = CART.TARGET_ID  ");
        sbSql.append("     				AND T.USER_ID = '" + targetId + "'");
        sbSql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql.append("     		  ) ");
        sbSql.append("     )) ");
        sbSql.append(" )");
        // 张余----修改

        sbSql.append("                 AND CART.ORG_ID = '" + orgId + "' ");
        sbSql.append("                 AND CART.SYS_ID = '" + sysId + "' ");
        sbSql.append("                 AND CART.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' ");
        sbSql.append("                 ) CARU ");
        sbSql.append("      ON LAC.ID = CARU.CODE ");
        sbSql.append("   WHERE LAC.ORG_ID = '" + orgId + "' ");
        sbSql.append("     AND LAC.SYS_ID = '" + sysId + "' ");
        sbSql.append("     AND LAC.ARCHIVE_CLASS_NODE_CODE NOT IN ('BMWJ', 'GRWJ') ");
        sbSql.append("     AND LAC.ARCHIVE_CLASS_NODE_TYPE IS NULL ");
        sbSql.append("     AND EXISTS ( SELECT T.ID FROM LANTOP_ARCHIVE_CLASS T WHERE T.ID = LAC.ID AND T.ARCHIVE_TYPE = '10' )");
        sbSql.append("     ) ");
        StringBuffer sbSqlSec = new StringBuffer();
        // 2015-12-28，修改内容：没有给该节点授条目浏览权限，但条目权限配置中设置了可以看到该节点下的某些数据，之前实现看不到该节点，这里做了修改
        sbSqlSec.append("SELECT distinct(NODE_ID) IDS");
        sbSqlSec.append("  FROM (SELECT ID NODE_ID ");
        sbSqlSec.append("          FROM T1 ");
        sbSqlSec.append("         START WITH OPERATE_AUTH LIKE '1,%' ");
        sbSqlSec.append("        CONNECT BY PRIOR PARENT_ID = ID ");
        sbSqlSec.append("        UNION ALL ");
        sbSqlSec.append("        SELECT LUAED.ARCHIVE_CLASS_ID NODE_ID ");
        sbSqlSec.append("          FROM LANTOP_USER_AUTH_EXTEND_DATA LUAED");
        sbSqlSec.append(" WHERE LUAED.ORG_ID = '" + orgId + "'");
        sbSqlSec.append("  AND LUAED.SYS_ID = '" + sysId + "'");
        sbSqlSec.append("  AND (LUAED.START_DATE <=");
        sbSqlSec.append("      to_date(to_char(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR");
        sbSqlSec.append("      LUAED.START_DATE IS NULL)");
        sbSqlSec.append("  AND (LUAED.END_DATE >=");
        sbSqlSec.append("      to_date(to_char(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR");
        sbSqlSec.append("      LUAED.END_DATE IS NULL)");

        // 张余-----修改
        // 用户维度
        sbSqlSec.append("                 AND ( (LUAED.TARGET_ID = '" + targetId + "' ");
        sbSqlSec.append("                 AND LUAED.TARGET_TYPE = '3' ) ");
        // 角色维度
        sbSqlSec.append("  OR ( ");
        sbSqlSec.append("  	  LUAED.TARGET_TYPE = '1' ");
        sbSqlSec.append("  	AND EXISTS(");
        sbSqlSec.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T  ");
        sbSqlSec.append("                   WHERE T.SYS_ROLE_ID = LUAED.TARGET_ID  ");
        sbSqlSec.append("     				AND T.SYS_USER_ID = '" + targetId + "'");
        sbSqlSec.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSqlSec.append("     		  ) ");
        sbSqlSec.append("     ) ");

        // 部门维度
        sbSqlSec.append("  OR ( ");
        sbSqlSec.append("  	  LUAED.TARGET_TYPE = '2' ");
        sbSqlSec.append("  	AND EXISTS(");
        sbSqlSec.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        sbSqlSec.append("                   WHERE T.DEPT_ID = LUAED.TARGET_ID  ");
        sbSqlSec.append("     				AND T.USER_ID = '" + targetId + "'");
        sbSqlSec.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSqlSec.append("     		  ) ");
        sbSqlSec.append("     ) ");

        // 岗位维度
        sbSqlSec.append("  OR ( ");
        sbSqlSec.append("  	  LUAED.TARGET_TYPE = '4' ");
        sbSqlSec.append("  	AND EXISTS(");
        sbSqlSec.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        sbSqlSec.append("                   WHERE T.POSITION_ID = LUAED.TARGET_ID  ");
        sbSqlSec.append("     				AND T.USER_ID = '" + targetId + "'");
        sbSqlSec.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSqlSec.append("     		  ) ");
        sbSqlSec.append("     )) ");
        sbSqlSec.append(" )");

        // 张余-----修改

        List<String> list = new ArrayList<String>();
        list.add(sbSql.toString());
        list.add(sbSqlSec.toString());
        return list;
    }

    /**
     * 获取用户有权限的模板库（tableId）信息
     *
     * @param : orgId（组织ID）
     * @param : deptId（部门ID）
     * @param : sysId（系统标识ID
     * @param : param : key
     *          orgIdentity : 组织应用ID
     *          userId : 用户ID
     * @return Map<String, Object> : key
     * tableIds （List<String>）
     * tableNames （List<String>）
     * @throws Exception
     * @author 张余
     */
    @Override
    public Map<String, Object> getAuthTableIdByUserId(String sysId, String deptId, String orgId, Map<String, Object> param) throws Exception {
        String userId = "";//用户ID
        if (null != param && param.containsKey("userId")) {
            userId = (String) param.get("userId");
        } else {
            throw new Exception("用户ID不存在,请检查传递的参数");
        }
        String orgIdentity = "";
        if (null != param && param.containsKey("orgIdentity")) {
            orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
            if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                orgIdentity = orgId;
            }
        } else {
            orgIdentity = orgId;
        }

        StringBuffer query = new StringBuffer();
        query.append("WITH T1 AS \n");//获取节点有权限的表ID
        query.append(" (SELECT CT.TABLE_NAME TABLENAME, CT.ID TABLEID \n");
        query.append("    FROM CBB_AUTH_RESOURCE CAR \n");
        query.append("    LEFT JOIN CBB_TAB_NODE CTN \n");
        query.append("      ON CAR.CODE = CTN.NODE_ID \n");
        query.append("    LEFT JOIN CBB_TABLES CT \n");
        query.append("      ON CT.ID = CTN.TABLE_ID \n");
        query.append("   WHERE CAR.ORG_ID = '" + orgId + "' \n");
        query.append("     AND CAR.SYS_ID = '" + sysId + "' \n");
        query.append("     AND CAR.DEPT_ID = '" + deptId + "' \n");
        query.append("     AND CAR.OPERATE_AUTH LIKE '%1,%' \n");//有浏览权限
        query.append("     AND ((CAR.TARGET_ID = '" + userId + "' AND CAR.TARGET_TYPE = '3') OR \n");//用户维度
        query.append("         (CAR.TARGET_TYPE = '1' AND \n");//角色维度
        query.append("        EXISTS (SELECT SUR.SYS_ROLE_ID \n");
        query.append("              FROM SYS_USER_ROLE SUR \n");
        query.append("             WHERE CAR.TARGET_ID =SUR.SYS_ROLE_ID  AND  SUR.SYS_USER_ID = '" + userId + "' \n");
        query.append("               AND SUR.ORG_IDENTITY = '" + orgIdentity + "')) OR \n");
        query.append("         (CAR.TARGET_TYPE = '2' AND \n");//部门维度
        query.append("        EXISTS (SELECT DPV.DEPT_ID \n");
        query.append("              FROM BPM_DEF_USER_DEPT_POSITION_V DPV \n");
        query.append("             WHERE CAR.TARGET_ID =  DPV.DEPT_ID AND DPV.USER_ID = '" + userId + "' \n");
        query.append("               AND DPV.ORG_IDENTITY = '" + orgIdentity + "')) OR \n");
        query.append("         (CAR.TARGET_TYPE = '4' AND \n");//岗位维度
        query.append("         EXISTS (SELECT DPV.POSITION_ID \n");
        query.append("              FROM BPM_DEF_USER_DEPT_POSITION_V DPV \n");
        query.append("             WHERE CAR.TARGET_ID =  DPV.POSITION_ID AND DPV.USER_ID = '" + userId + "' \n");
        query.append("               AND DPV.ORG_IDENTITY = '" + orgIdentity + "')))), \n");
        query.append("T2 AS \n");//获得条目设置有权限的表ID
        query.append(" (SELECT CT.TABLE_NAME TABLENAME, T.ID TABLEID \n");
        query.append("    FROM LANTOP_USER_AUTH_EXTEND_DATA T \n");
        query.append("    LEFT JOIN CBB_TABLES CT \n");
        query.append("      ON T.ARCHIVE_TABLE_ID = CT.ID \n");
        query.append("   WHERE T.ORG_ID = '" + orgId + "' \n");
        query.append("     AND T.SYS_ID = '" + sysId + "' \n");
        query.append("     AND T.DEPT_ID = '" + deptId + "' \n");
        query.append("     AND T.OPERATE_AUTH LIKE '%1,%' \n");//有浏览权限
        query.append("     AND ((T.TARGET_ID = '" + userId + "' AND T.TARGET_TYPE = '3') OR \n");//用户维度
        query.append("         (T.TARGET_TYPE = '1' AND \n");//角色维度
        query.append("         EXISTS (SELECT SUR.SYS_ROLE_ID \n");
        query.append("              FROM SYS_USER_ROLE SUR \n");
        query.append("             WHERE T.TARGET_ID = SUR.SYS_ROLE_ID AND SUR.SYS_USER_ID = '" + userId + "' \n");
        query.append("               AND SUR.ORG_IDENTITY = '" + orgIdentity + "')) OR \n");
        query.append("         (T.TARGET_TYPE = '2' AND \n");//部门维度
        query.append("         EXISTS (SELECT DPV.DEPT_ID \n");
        query.append("              FROM BPM_DEF_USER_DEPT_POSITION_V DPV \n");
        query.append("             WHERE T.TARGET_ID = DPV.DEPT_ID AND DPV.USER_ID = '" + userId + "' \n");
        query.append("               AND DPV.ORG_IDENTITY = '" + orgIdentity + "')) OR \n");
        query.append("         (T.TARGET_TYPE = '4' AND \n");//岗位维度
        query.append("         EXISTS (SELECT DPV.POSITION_ID \n");
        query.append("              FROM BPM_DEF_USER_DEPT_POSITION_V DPV \n");
        query.append("             WHERE T.TARGET_ID = DPV.POSITION AND DPV.USER_ID = '" + userId + "' \n");
        query.append("               AND DPV.ORG_IDENTITY = '" + orgIdentity + "')))), \n");
        query.append("T3 AS \n");//获得节点权限和条目设置权限有浏览权限表ID合集
        query.append(" (SELECT * FROM T1 UNION ALL SELECT * FROM T2) \n");
        query.append("SELECT TABLEID, TABLENAME \n");
        query.append("  FROM T3 \n");
        query.append(" WHERE TABLEID IS NOT NULL \n");//去除表ID为空
        query.append("   AND TABLENAME IS NOT NULL \n");//去除表名称为空
        query.append(" GROUP BY TABLEID, TABLENAME \n");//去重
        //查询SQL
        List<Map<String, Object>> list = this.jdbcAvicit.getJdbcTemplate().queryForList(query.toString());

        List<String> tableIdList = new ArrayList<String>();//表ID集合
        List<String> tableNameList = new ArrayList<String>();//表名称集合
        //循环查询结果list获得放入对应的list中
        for (Map<String, Object> map : list) {
            tableIdList.add(map.get("tableId").toString());//放入ID数据
            tableNameList.add(map.get("tableName").toString());//放入NAME数据
        }
        //结果map
        Map<String, Object> resultMap = new HashMap<String, Object>();
        resultMap.put("tableIds", tableIdList);
        resultMap.put("tableNames", tableNameList);
        return resultMap;
    }


    /**
     * @param param key            value
     *              sysId          系统ID
     *              orgId          组织ID
     *              roleCode       角色code
     *              deptId         部门Id
     *              orgIdentity    组织应用ID
     *              authType       权限类型（对应通用代码：A1(条目浏览)，A2（全文浏览）,A3（全文打印）,A4（全文下载））
     * @return
     * @throws Exception
     * @Description: 获得角色维度 有 不同权限维度的节点
     * @author youyu
     * @date 2019-8-28 下午2:55:22
     * @version 1.0
     */
    @Override
    public String getSqlConditionByRoleCode(Map<String, Object> param) throws Exception {
        StringBuffer sql = new StringBuffer();
        try {
            String sysId = param.get("sysId").toString();// 系统id
            String orgId = param.get("orgId").toString();// 组织id
            String deptId = param.get("deptId").toString();// 用户id
            String authType = param.get("authType").toString();//权限类型
            String orgIdentity = "";
            if (null != param && param.containsKey("orgIdentity")) {
                orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
                if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                    orgIdentity = orgId;
                }
            } else {
                orgIdentity = orgId;
            }
            String roleCode = param.get("roleCode").toString();// 角色code
            //根据角色code获得角色ID
            String roleId = getRoleIdByCode(roleCode, orgIdentity);
            if (null == roleId || "".equals(roleId)) {
                sql.append(" ( 1=2 ) ");
                return sql.toString();
            }

            // 根据角色id查询节点信息SQL
            StringBuffer node_sql = new StringBuffer();
            node_sql.append("select CART.CODE NODE_ID,CART.TARGET_ID,CART.TARGET_TYPE from CBB_AUTH_RESOURCE CART ");
            // 角色维度
            node_sql.append(" WHERE CART.TARGET_ID = '" + roleId + "' ");
            node_sql.append(" AND CART.TARGET_TYPE = '1'  ");

            node_sql.append(" AND CART.ORG_ID = '" + orgId + "' ");
            node_sql.append(" AND CART.SYS_ID = '" + sysId + "' ");
            if (authType.equals("A1")) {//条目浏览
                node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,%' ");
            } else if (authType.equals("A2")) {//全文浏览
                node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,1,%' ");
            } else if (authType.equals("A3")) {//全文打印
                node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,1,1,%' ");
            } else if (authType.equals("A4")) {//全文下载
                node_sql.append(" AND CART.OPERATE_AUTH = '1,1,1,1' ");
            } else {
                node_sql.append(" AND CART.OPERATE_AUTH = '0,0,0,0' ");
            }

            node_sql.append(" GROUP BY CART.CODE, CART.TARGET_ID, CART.TARGET_TYPE ");
            List<Map<String, Object>> nodeList = this.jdbcAvicit.getJdbcTemplate().queryForList(node_sql.toString());
            StringBuffer authsql = new StringBuffer();
            // 循环得到的节点
            for (int k = 0; k < nodeList.size(); k++) {
                Map<String, Object> map = nodeList.get(k);
                String nodeId = map.get("NODE_ID").toString();
                authsql.append(" ( LANTOP_NODE_ID = '" + nodeId + "' ");
                // 根据nodeId查询资源表
                StringBuffer table_sql = new StringBuffer();
                table_sql.append(" SELECT T.ID,T.TABLE_NAME, ");
                table_sql.append(" CASE WHEN (  ");
                table_sql.append(" SELECT COUNT(*) FROM CBB_TAB_NODE CN ");
                table_sql.append(" WHERE CN.NODE_ID = '" + nodeId + "' ");
                table_sql.append(" ) = '1' THEN 'lantop_wjml' ");
                table_sql.append(" WHEN ( ");
                table_sql.append(" SELECT COUNT(*) FROM CBB_TAB_NODE CN ");
                table_sql.append(" WHERE CN.NODE_ID = '" + nodeId + "' ");
                table_sql.append(" ) = '2'");
                table_sql.append(" THEN DECODE( ");
                table_sql.append(" CTN.TAB_ORDER, 1, 'lantop_ajml', 2, 'lantop_wjml' ");
                table_sql.append(" ) END TAB_ORDER ");
                table_sql.append(" FROM CBB_TABLES T ");
                table_sql.append(" LEFT JOIN CBB_TAB_NODE CTN ON CTN.TABLE_ID = T.ID ");
                table_sql.append(" WHERE CTN.ORG_ID = '" + orgId + "' ");
                table_sql.append(" AND CTN.SYS_ID = '" + sysId + "' ");
                table_sql.append(" AND CTN.NODE_ID = '" + nodeId + "' ");
                List<Map<String, Object>> tableList = this.jdbcAvicit.getJdbcTemplate().queryForList(table_sql.toString());
                StringBuffer role_sql;
                StringBuffer table_auth_sql = new StringBuffer();
                // 循环得到的资源表
                int j = 0;
                for (int i = 0; i < tableList.size(); i++) {
                    Map<String, Object> table = tableList.get(i);
                    String id = table.get("id").toString();
                    StringBuffer conSql = new StringBuffer();

                    // 根据表ID获得公共字段对应值
                    Map<String, String> fieldMap = getPublicColFiled(orgId, deptId, sysId, id);
                    if (null != fieldMap && fieldMap.size() != 0) {
                        // 条件sql
                        // 角色维度
                        roleId = map.get("TARGET_ID").toString();
                        role_sql = new StringBuffer();
                        // 获得角色条件sql
                        role_sql.append("SELECT LQ.ZDM, LQ.QUALIFICATION_VALUE Q_VALUE, LQ.LOGIC \n");
                        role_sql.append("  FROM LANTOP_QUALIFICATION_DETAIL LQ \n");
                        role_sql.append("  LEFT JOIN CBB_AUTH_RESOURCE T \n");
                        role_sql.append("    ON T.ID = LQ.CBB_AUTH_RESOURCE_ID \n");
                        role_sql.append(" WHERE T.ORG_ID = '" + orgId + "' ");
                        role_sql.append(" AND T.SYS_ID = '" + sysId + "' ");
                        role_sql.append(" AND T.TARGET_TYPE = '1' ");
                        role_sql.append(" AND T.TARGET_ID = '" + roleId + "' ");
                        role_sql.append(" AND T.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' ");
                        if (authType.equals("A1")) {//条目浏览
                            role_sql.append(" AND T.ACTION_TYPE = 'A1' ");
                        } else if (authType.equals("A2")) {//全文浏览
                            role_sql.append(" AND T.ACTION_TYPE = 'A2' ");
                        } else if (authType.equals("A3")) {//全文打印
                            role_sql.append(" AND T.ACTION_TYPE = 'A3' ");
                        } else if (authType.equals("A4")) {//全文下载
                            role_sql.append(" AND T.ACTION_TYPE = 'A4' ");
                        } else {
                            role_sql.append(" AND T.ACTION_TYPE = 'A0' ");
                        }

                        role_sql.append(" AND T.OPERATE_AUTH = '1' ");
                        role_sql.append(" AND T.CODE = '" + nodeId + "_" + id + "' ");
                        role_sql.append(" ORDER BY LQ.ORDER_BY ");
                        List<Map<String, Object>> roleList = this.jdbcAvicit.getJdbcTemplate().queryForList(role_sql.toString());
                        Object logic = "";
                        for (Map<String, Object> roleMap : roleList) {
                            String zdm = roleMap.get("ZDM").toString();
                            String value = roleMap.get("Q_VALUE").toString();
                            String publicZDM = fieldMap.get(zdm);
                            if (null != publicZDM && !"".equals(publicZDM) && !"null".equals(publicZDM)) {
                                conSql.append(value.replaceAll(zdm, publicZDM));
                                logic = roleMap.get("LOGIC");
                                conSql.append(null == logic ? "" : logic);
                            } else {
                                if (logic.equals("AND")) {
                                    conSql.append(" 1=1 ");
                                } else if (logic.equals("OR")) {
                                    conSql.append(" 1=2 ");
                                }
                            }
                        }

                        if (!conSql.toString().equals("")) {
                            if (j > 0) {
                                table_auth_sql.append(" OR ");
                            }
                            table_auth_sql.append(" ( ARCHIVE_TABLE_ID = '" + id + "'");
                            table_auth_sql.append(" AND (" + conSql + "))");
                            j++;
                        }
                    }
                }

                if (!table_auth_sql.toString().equals("")) {
                    authsql.append(" AND ( " + table_auth_sql + " )");
                }

                if (k == nodeList.size() - 1) {
                    authsql.append(" ) ");
                } else {
                    authsql.append(" ) OR ");
                }
            }

            if (!authsql.toString().equals("")) {
                //拼接角色有对应权限的节点ID和条件sql
                sql.append(" (" + authsql + ")");
            } else {
                sql.append(" (1=2)");
            }

            // 条目sql
            // 角色维度
            StringBuffer sqlAuth = new StringBuffer();
            sqlAuth.append(" SELECT T.RES_CODE,T.RCD_DATA_TYPE,SA.PARENT_REGISTER_ID FROM LANTOP_USER_AUTH_EXTEND_DATA T ");
            sqlAuth.append(" LEFT JOIN CBB_DOC_RELATION CDR ON T.Res_Code = CDR.RECORD_ID ");
            sqlAuth.append(" LEFT JOIN SYS_ATTACHMENT SA ON CDR.ATTACHMENT_ID = SA.ID ");
            sqlAuth.append(" where T.ORG_ID = '" + orgId + "' ");
            sqlAuth.append(" AND T.SYS_ID = '" + sysId + "' ");

            // 角色维度
            sqlAuth.append(" AND T.TARGET_ID = '" + roleId + "'  ");
            sqlAuth.append("                 AND T.TARGET_TYPE = '1'  ");

            sqlAuth.append(" AND T.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' ");
            if (authType.equals("A1")) {//条目浏览
                sqlAuth.append(" AND T.OPERATE_AUTH LIKE '1,%' ");
            } else if (authType.equals("A2")) {//全文浏览
                sqlAuth.append(" AND T.OPERATE_AUTH LIKE '1,1,%' ");
            } else if (authType.equals("A3")) {//全文打印
                sqlAuth.append(" AND T.OPERATE_AUTH LIKE '1,1,1,%' ");
            } else if (authType.equals("A4")) {//全文下载
                sqlAuth.append(" AND T.OPERATE_AUTH = '1,1,1,1' ");
            } else {
                sqlAuth.append(" AND T.OPERATE_AUTH = '0,0,0,0' ");
            }
            sqlAuth.append(" AND (T.START_DATE <= to_date(to_char(SYSDATE, 'yyyy-MM-dd'),'yyyy-MM-dd') OR T.START_DATE IS NULL) ");
            sqlAuth.append(" AND (T.END_DATE >= to_date(to_char(SYSDATE, 'yyyy-MM-dd'),'yyyy-MM-dd') OR T.END_DATE IS NULL) ");

            //拼接角色有条目对应权限的数据ID SQL
            sql.append(" OR ( EXISTS (");
            sql.append(" SELECT XS1.PARENT_REGISTER_ID LANTOP_RCD_ID  FROM ( " + sqlAuth.toString() + " ) XS1 WHERE XS1.RCD_DATA_TYPE = '0' AND XS1.PARENT_REGISTER_ID = LANTOP_RCD_ID ");
            sql.append(" UNION ALL ");
            sql.append(" SELECT XS1.RES_CODE LANTOP_RCD_ID FROM ( " + sqlAuth.toString() + " ) XS1 WHERE XS1.RCD_DATA_TYPE <> '0' AND XS1.RES_CODE = LANTOP_RCD_ID ");
            sql.append(" ) ) ");
        } catch (Exception e) {
            e.printStackTrace();
        }
        return sql.toString();
    }


    /**
     * @param param key            value
     *              sysId          系统ID
     *              orgId          组织ID
     *              roleCode       角色code
     *              deptId         部门Id
     *              orgIdentity    组织应用ID
     *              authType       权限类型（对应通用代码：A1(条目浏览)，A2（全文浏览）,A3（全文打印）,A4（全文下载））
     * @return
     * @throws Exception
     * @Description: 获得角色维度 有 不同权限维度的节点
     * @author youyu
     * @date 2019-8-28 下午2:55:22
     * @version 1.0
     */
    @Override
    public Map<String, Object> getSolrConditionByRoleCode(Map<String, Object> param) throws Exception {

        Map<String, Object> solrMap = new HashMap<String, Object>();//结果集合
        List<Map<String, Object>> nodeIdSqlList = new ArrayList<Map<String, Object>>();//节点及限制条件
        List<String> dataIdList = new ArrayList<String>();//数据ID集合
        try {
            String sysId = param.get("sysId").toString();// 系统id
            String orgId = param.get("orgId").toString();// 组织id
            String orgIdentity = "";
            if (null != param && param.containsKey("orgIdentity")) {
                orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
                if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                    orgIdentity = orgId;
                }
            } else {
                orgIdentity = orgId;
            }
            String deptId = param.get("deptId").toString();// 用户id
            String authType = param.get("authType").toString();//权限类型
            String roleCode = param.get("roleCode").toString();// 角色code
            //根据角色code获得角色ID
            String roleId = getRoleIdByCode(roleCode, orgIdentity);
            if (null == roleId || "".equals(roleId)) {
                solrMap.put("nodeIdSqlList", nodeIdSqlList);
                solrMap.put("dataIds", dataIdList);
                return solrMap;
            }
            // 根据角色id查询节点信息SQL
            StringBuffer node_sql = new StringBuffer();
            node_sql.append("select CART.CODE NODE_ID,CART.TARGET_ID,CART.TARGET_TYPE from CBB_AUTH_RESOURCE CART ");
            // 角色维度
            node_sql.append(" WHERE CART.TARGET_ID = '" + roleId + "' ");
            node_sql.append(" AND CART.TARGET_TYPE = '1'  ");

            node_sql.append(" AND CART.ORG_ID = '" + orgId + "' ");
            node_sql.append(" AND CART.SYS_ID = '" + sysId + "' ");
            if (authType.equals("A1")) {//条目浏览
                node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,%' ");
            } else if (authType.equals("A2")) {//全文浏览
                node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,1,%' ");
            } else if (authType.equals("A3")) {//全文打印
                node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,1,1,%' ");
            } else if (authType.equals("A4")) {//全文下载
                node_sql.append(" AND CART.OPERATE_AUTH = '1,1,1,1' ");
            } else {
                node_sql.append(" AND CART.OPERATE_AUTH = '0,0,0,0' ");
            }
            node_sql.append(" GROUP BY CART.CODE, CART.TARGET_ID, CART.TARGET_TYPE ");
            List<Map<String, Object>> nodeList = this.jdbcAvicit.getJdbcTemplate().queryForList(node_sql.toString());
            // 循环得到的节点
            for (int k = 0; k < nodeList.size(); k++) {
                Map<String, Object> nodeIdSqlMap = new HashMap<String, Object>();
                Map<String, Object> map = nodeList.get(k);
                String nodeId = map.get("NODE_ID").toString();
                nodeIdSqlMap.put("nodeId", nodeId);
                // 根据nodeId查询资源表
                StringBuffer table_sql = new StringBuffer();
                table_sql.append(" SELECT T.ID,T.TABLE_NAME, ");
                table_sql.append(" CASE WHEN (  ");
                table_sql.append(" SELECT COUNT(*) FROM CBB_TAB_NODE CN ");
                table_sql.append(" WHERE CN.NODE_ID = '" + nodeId + "' ");
                table_sql.append(" ) = '1' THEN 'lantop_wjml' ");
                table_sql.append(" WHEN ( ");
                table_sql.append(" SELECT COUNT(*) FROM CBB_TAB_NODE CN ");
                table_sql.append(" WHERE CN.NODE_ID = '" + nodeId + "' ");
                table_sql.append(" ) = '2'");
                table_sql.append(" THEN DECODE( ");
                table_sql.append(" CTN.TAB_ORDER, 1, 'lantop_ajml', 2, 'lantop_wjml' ");
                table_sql.append(" ) END TAB_ORDER ");
                table_sql.append(" FROM CBB_TABLES T ");
                table_sql.append(" LEFT JOIN CBB_TAB_NODE CTN ON CTN.TABLE_ID = T.ID ");
                table_sql.append(" WHERE CTN.ORG_ID = '" + orgId + "' ");
                table_sql.append(" AND CTN.SYS_ID = '" + sysId + "' ");
                table_sql.append(" AND CTN.NODE_ID = '" + nodeId + "' ");
                List<Map<String, Object>> tableList = this.jdbcAvicit.getJdbcTemplate().queryForList(table_sql.toString());
                Map<String, Object> tableMap = new HashMap<String, Object>();
                // 循环得到的资源表
                for (int i = 0; i < tableList.size(); i++) {
                    List<Map<String, Object>> whereSqlList = new ArrayList<Map<String, Object>>();
                    Map<String, Object> table = tableList.get(i);
                    String id = table.get("id").toString();
                    // 根据表ID获得公共字段对应值
                    Map<String, String> fieldMap = getPublicColFiled(orgId, deptId, sysId, id);
                    if (null != fieldMap && fieldMap.size() != 0) {
                        // 条件sql
                        // 角色维度
                        roleId = map.get("TARGET_ID").toString();
                        StringBuffer role_sql = new StringBuffer();
                        role_sql.append("SELECT LQ.ZKH, LQ.ZDM, LQ.YSF, LQ.ZHI, LQ.YKH, LQ.GXF \n");
                        role_sql.append("  FROM LANTOP_USER_AUTH_CONDITION LQ \n");
                        role_sql.append("  LEFT JOIN CBB_AUTH_RESOURCE T \n");
                        role_sql.append("    ON T.ID = LQ.RESOURCE_ID \n");
                        role_sql.append(" WHERE T.ORG_ID = '" + orgId + "' ");
                        role_sql.append(" AND T.SYS_ID = '" + sysId + "' ");
                        role_sql.append(" AND T.TARGET_TYPE = '1' ");
                        role_sql.append(" AND T.TARGET_ID = '" + roleId + "' ");
                        role_sql.append(" AND T.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' ");
                        if (authType.equals("A1")) {//条目浏览
                            role_sql.append(" AND T.ACTION_TYPE = 'A1' ");
                        } else if (authType.equals("A2")) {//全文浏览
                            role_sql.append(" AND T.ACTION_TYPE = 'A2' ");
                        } else if (authType.equals("A3")) {//全文打印
                            role_sql.append(" AND T.ACTION_TYPE = 'A3' ");
                        } else if (authType.equals("A4")) {//全文下载
                            role_sql.append(" AND T.ACTION_TYPE = 'A4' ");
                        } else {
                            role_sql.append(" AND T.ACTION_TYPE = 'A0' ");
                        }
                        role_sql.append(" ORDER BY LQ.ORDER_BY \n");
                        List<Map<String, Object>> roleList = this.jdbcAvicit.getJdbcTemplate().queryForList(role_sql.toString());
                        for (Map<String, Object> roleMap : roleList) {
                            //字段名转换
                            String zdm = roleMap.get("ZDM").toString();
                            String publicZDM = fieldMap.get(zdm);
                            //对应公共字段不存在，跳出当次循环
                            if (null != publicZDM && !"".equals(publicZDM) && !"null".equals(publicZDM)) {
                                continue;
                            }
                            roleMap.put("ZDM", publicZDM);
                            whereSqlList.add(roleMap);
                        }
                    }
                    if (whereSqlList.size() > 0) {//有条件
                        tableMap.put(id, whereSqlList);
                    }
                }
                nodeIdSqlMap.put("whereSql", tableMap);
                nodeIdSqlList.add(nodeIdSqlMap);
            }

            // 条目sql
            // 角色维度
            StringBuffer sqlAuth = new StringBuffer();
            sqlAuth.append(" SELECT T.RES_CODE,T.RCD_DATA_TYPE,SA.PARENT_REGISTER_ID FROM LANTOP_USER_AUTH_EXTEND_DATA T ");
            sqlAuth.append(" LEFT JOIN CBB_DOC_RELATION CDR ON T.Res_Code = CDR.RECORD_ID ");
            sqlAuth.append(" LEFT JOIN SYS_ATTACHMENT SA ON CDR.ATTACHMENT_ID = SA.ID ");
            sqlAuth.append(" WHERE T.ORG_ID = '" + orgId + "' ");
            sqlAuth.append(" AND T.SYS_ID = '" + sysId + "' ");

            // 角色维度
            sqlAuth.append(" AND T.TARGET_ID = '" + roleId + "'  ");
            sqlAuth.append("                 AND T.TARGET_TYPE = '1'  ");

            sqlAuth.append(" AND T.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' ");
            if (authType.equals("A1")) {//条目浏览
                sqlAuth.append(" AND T.OPERATE_AUTH LIKE '1,%' ");
            } else if (authType.equals("A2")) {//全文浏览
                sqlAuth.append(" AND T.OPERATE_AUTH LIKE '1,1,%' ");
            } else if (authType.equals("A3")) {//全文打印
                sqlAuth.append(" AND T.OPERATE_AUTH LIKE '1,1,1,%' ");
            } else if (authType.equals("A4")) {//全文下载
                sqlAuth.append(" AND T.OPERATE_AUTH = '1,1,1,1' ");
            } else {
                sqlAuth.append(" AND T.OPERATE_AUTH = '0,0,0,0' ");
            }
            sqlAuth.append(" AND (T.START_DATE <= to_date(to_char(SYSDATE, 'yyyy-MM-dd'),'yyyy-MM-dd') OR T.START_DATE IS NULL) ");
            sqlAuth.append(" AND (T.END_DATE >= to_date(to_char(SYSDATE, 'yyyy-MM-dd'),'yyyy-MM-dd') OR T.END_DATE IS NULL) ");
            List<Map<String, Object>> dataList = this.jdbcAvicit.getJdbcTemplate().queryForList(sqlAuth.toString());

            for (Map<String, Object> dataMap : dataList) {
                String type = dataMap.get("RCD_DATA_TYPE").toString();// 得到条目存储类型
                if (type.equals("0")) {// 条目类型。0：电子文件；1：文件级；2：案卷级
                    String dataId = (String) dataMap.get("PARENT_REGISTER_ID");
                    dataIdList.add(dataId);
                } else {
                    String dataId = (String) dataMap.get("RES_CODE");
                    dataIdList.add(dataId);
                }
            }

            solrMap.put("nodeIdSqlList", nodeIdSqlList);
            solrMap.put("dataIds", dataIdList);

        } catch (Exception e) {
            e.printStackTrace();
        }
        return solrMap;
    }


    /**
     * @param roleCode
     * @param orgIdentity
     * @return
     * @Description:根据角色code及组织应用ID获得角色ID
     * @author youyu
     * @date 2019-8-28 下午3:34:50
     * @version 1.0
     */
    private String getRoleIdByCode(String roleCode, String orgIdentity) {
        StringBuffer sbSql = new StringBuffer();
        sbSql.append(" SELECT R.* FROM SYS_ROLE R \n");
        sbSql.append(" WHERE　R.ROLE_CODE = '" + roleCode + "' \n");
        sbSql.append(" AND R.ORG_IDENTITY = '" + orgIdentity + "' ");

        List<Map<String, Object>> roleList = this.jdbcAvicit.getJdbcTemplate().queryForList(sbSql.toString());
        if (roleList.size() > 0) {
            return (String) roleList.get(0).get("ID");
        }
        return null;
    }


    /**
     * 获取当前全宗名称
     *
     * @param orgId
     * @return
     */
    @Override
    public String getOrgNamebyOrgId(String orgId) {
        StringBuffer sbSql = new StringBuffer();
        sbSql.append("SELECT ORG_NAME FROM SYS_ORG_V WHERE ID='" + orgId + "' ");
        List<Map<String, Object>> list = this.jdbcAvicit.getJdbcTemplate().queryForList(sbSql.toString());
        return list.get(0).get("ORG_NAME").toString();
    }

    /**
     * @param param key            value
     *              sysId          系统ID
     *              orgId          组织ID
     *              userId         用户ID
     *              deptId         部门Id
     *              orgIdentity    组织应用ID
     *              authType       权限类型（对应通用代码：A1(条目浏览)，A2（全文浏览）,A3（全文打印）,A4（全文下载））
     * @return
     * @throws Exception
     * @Description: 获得用户ID 有 不同维度 有权限的节点
     * @author youyu
     * @date 2019-9-10 下午2:55:22
     * @version 1.0
     */
    @Override
    public List<String> getNodeListByUserId(Map<String, Object> param) throws Exception {

        List<String> nodeIdList = new ArrayList<String>();
        String sysId = param.get("sysId").toString();// 系统id
        String orgId = param.get("orgId").toString();// 组织id
        String orgIdentity = "";
        if (null != param && param.containsKey("orgIdentity")) {
            orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
            if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                orgIdentity = orgId;
            }
        } else {
            orgIdentity = orgId;
        }
        String authType = param.get("authType").toString();//权限类型
        String userId = param.get("userId").toString();// 用户ID
        //判断userId是否存在
        if (null == userId || "".equals(userId)) {
            return nodeIdList;
        }
        // 根据用户id查询节点信息SQL
        StringBuffer node_sql = new StringBuffer();
        node_sql.append("SELECT CART.CODE AS NODEID ");
        node_sql.append(" FROM CBB_AUTH_RESOURCE CART ");
        node_sql.append(" WHERE CART.ORG_ID = '" + orgId + "' ");
        node_sql.append(" AND CART.SYS_ID = '" + sysId + "' ");
        if (authType.equals("A1")) {
            node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,%' ");
        } else if (authType.equals("A2")) {
            node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,1,%' ");
        } else if (authType.equals("A3")) {
            node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,1,1,%' ");
        } else if (authType.equals("A4")) {
            node_sql.append(" AND CART.OPERATE_AUTH = '1,1,1,1' ");
        } else {
            node_sql.append(" AND CART.OPERATE_AUTH = '0,0,0,0' ");
        }

        // 用户维度
        node_sql.append(" AND ((CART.TARGET_ID = '" + userId + "'  ");
        node_sql.append("                 AND CART.TARGET_TYPE = '3' ) ");
        // 角色维度
        node_sql.append("  OR ( ");
        node_sql.append("  	  CART.TARGET_TYPE = '1' ");
        node_sql.append("  	AND EXISTS(");
        node_sql.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T  ");
        node_sql.append("                   WHERE T.SYS_ROLE_ID = CART.TARGET_ID  ");
        node_sql.append("     				AND T.SYS_USER_ID = '" + userId + "'");
        node_sql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        node_sql.append("     		  ) ");
        node_sql.append("     ) ");

        // 部门维度
        node_sql.append("  OR ( ");
        node_sql.append("  	  CART.TARGET_TYPE = '2' ");
        node_sql.append("  	AND EXISTS(");
        node_sql.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        node_sql.append("                   WHERE T.DEPT_ID = CART.TARGET_ID  ");
        node_sql.append("     				AND T.USER_ID = '" + userId + "'");
        node_sql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        node_sql.append("     		  ) ");
        node_sql.append("     ) ");

        // 岗位维度
        node_sql.append("  OR ( ");
        node_sql.append("  	  CART.TARGET_TYPE = '4' ");
        node_sql.append("  	AND EXISTS(");
        node_sql.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        node_sql.append("                   WHERE T.POSITION_ID = CART.TARGET_ID  ");
        node_sql.append("     				AND T.USER_ID = '" + userId + "'");
        node_sql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        node_sql.append("     		  ) ");
        node_sql.append("     )) ");

        nodeIdList = this.jdbcAvicit.getJdbcTemplate().queryForList(node_sql.toString(), String.class);
        return nodeIdList;
    }
    
    
    /**
     * 根据参数获取节点IDsql
     * @param param
     * @return
     * @throws Exception String
     * @throws
     */
    @Override
    public String getNodeListSqlByUserId(Map<String, Object> param) throws Exception {
        String sysId = param.get("sysId").toString();// 系统id
        String orgId = param.get("orgId").toString();// 组织id
        String orgIdentity = "";
        if (null != param && param.containsKey("orgIdentity")) {
            orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
            if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                orgIdentity = orgId;
            }
        } else {
            orgIdentity = orgId;
        }
        String authType = param.get("authType").toString();//权限类型
        String userId = param.get("userId").toString();// 用户ID
        //判断userId是否存在
        if (null == userId || "".equals(userId)) {
            return "";
        }
        // 根据用户id查询节点信息SQL
        StringBuffer node_sql = new StringBuffer();
        node_sql.append("SELECT 1 ");
        node_sql.append(" FROM CBB_AUTH_RESOURCE CART ");
        node_sql.append(" WHERE CART.ORG_ID = '" + orgId + "' ");
        node_sql.append(" AND CART.SYS_ID = '" + sysId + "' ");
        node_sql.append(" AND CART.CODE = LDV.LANTOP_NODE_ID");
        if (authType.equals("A1")) {
            node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,%' ");
        } else if (authType.equals("A2")) {
            node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,1,%' ");
        } else if (authType.equals("A3")) {
            node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,1,1,%' ");
        } else if (authType.equals("A4")) {
            node_sql.append(" AND CART.OPERATE_AUTH = '1,1,1,1' ");
        } else {
            node_sql.append(" AND CART.OPERATE_AUTH = '0,0,0,0' ");
        }
        // 用户维度
        node_sql.append(" AND ((CART.TARGET_ID = '" + userId + "'  ");
        node_sql.append("                 AND CART.TARGET_TYPE = '3' ) ");
        // 角色维度
        node_sql.append("  OR ( ");
        node_sql.append("  	  CART.TARGET_TYPE = '1' ");
        node_sql.append("  	AND EXISTS(");
        node_sql.append("     			SELECT SYS_ROLE_ID FROM SYS_USER_ROLE T  ");
        node_sql.append("                   WHERE T.SYS_ROLE_ID = CART.TARGET_ID  ");
        node_sql.append("     				AND T.SYS_USER_ID = '" + userId + "'");
        node_sql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        node_sql.append("     		  ) ");
        node_sql.append("     ) ");

        // 部门维度
        node_sql.append("  OR ( ");
        node_sql.append("  	  CART.TARGET_TYPE = '2' ");
        node_sql.append("  	AND EXISTS(");
        node_sql.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        node_sql.append("                   WHERE T.DEPT_ID = CART.TARGET_ID  ");
        node_sql.append("     				AND T.USER_ID = '" + userId + "'");
        node_sql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        node_sql.append("     		  ) ");
        node_sql.append("     ) ");

        // 岗位维度
        node_sql.append("  OR ( ");
        node_sql.append("  	  CART.TARGET_TYPE = '4' ");
        node_sql.append("  	AND EXISTS(");
        node_sql.append("     			SELECT POSITION_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        node_sql.append("                   WHERE T.POSITION_ID = CART.TARGET_ID  ");
        node_sql.append("     				AND T.USER_ID = '" + userId + "'");
        node_sql.append("                     AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        node_sql.append("     		  ) ");
        node_sql.append("     )) ");
        return node_sql.toString();
    }
    
    
    /**
     * @param param key            value
     *              sysId          系统ID
     *              orgId          组织ID
     *              userId         用户ID
     *              deptId         部门Id
     *              orgIdentity    组织应用ID
     *              authType       权限类型（对应通用代码：A1(条目浏览)，A2（全文浏览）,A3（全文打印）,A4（全文下载））
     * @return
     * @throws Exception
     * @Description: 获得用户ID 有 不同维度 有权限的节点
     * @author youyu
     * @date 2019-9-10 下午2:55:22
     * @version 1.0
     */
    @Override
    public List<String> getNodeListByRoleCode(Map<String, Object> param) throws Exception {

        List<String> nodeIdList = new ArrayList<String>();
        String sysId = param.get("sysId").toString();// 系统id
        String orgId = param.get("orgId").toString();// 组织id
        String orgIdentity = "";
        if (null != param && param.containsKey("orgIdentity")) {
            orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
            if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                orgIdentity = orgId;
            }
        } else {
            orgIdentity = orgId;
        }
        String authType = param.get("authType").toString();//权限类型
        String roleCode = param.get("roleCode").toString();// 角色CODE
        //根据角色code获得角色ID
        String roleId = getRoleIdByCode(roleCode, orgIdentity);
        if (null == roleId || "".equals(roleId)) {
            return nodeIdList;
        }
        // 根据用户id查询节点信息SQL
        StringBuffer node_sql = new StringBuffer();
        node_sql.append("SELECT CART.CODE AS NODEID ");
        node_sql.append(" FROM CBB_AUTH_RESOURCE CART ");
        node_sql.append(" WHERE CART.ORG_ID = '" + orgId + "' ");
        node_sql.append(" AND CART.SYS_ID = '" + sysId + "' ");
        if (authType.equals("A1")) {
            node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,%' ");
        } else if (authType.equals("A2")) {
            node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,1,%' ");
        } else if (authType.equals("A3")) {
            node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,1,1,%' ");
        } else if (authType.equals("A4")) {
            node_sql.append(" AND CART.OPERATE_AUTH = '1,1,1,1' ");
        } else {
            node_sql.append(" AND CART.OPERATE_AUTH = '0,0,0,0' ");
        }
        // 角色维度
        node_sql.append(" AND (( ");
        node_sql.append("  	      CART.TARGET_TYPE = '1' ");
        node_sql.append("  	  AND CART.TARGET_ID = '" + roleId + "' ");
        node_sql.append("     )) ");
        nodeIdList = this.jdbcAvicit.getJdbcTemplate().queryForList(node_sql.toString(), String.class);
        return nodeIdList;
    }
    
    
    /**
     * @param param key            value
     *              sysId          系统ID
     *              orgId          组织ID
     *              userId         用户ID
     *              deptId         部门Id
     *              orgIdentity    组织应用ID
     *              authType       权限类型（对应通用代码：A1(条目浏览)，A2（全文浏览）,A3（全文打印）,A4（全文下载））
     * @return
     * @throws Exception
     * @Description: 获得用户ID 有 不同维度 有权限的节点
     * @author youyu
     * @date 2019-9-10 下午2:55:22
     * @version 1.0
     */
    @Override
    public String getNodeSqlByRoleCode(Map<String, Object> param) throws Exception {
        String sysId = param.get("sysId").toString();// 系统id
        String orgId = param.get("orgId").toString();// 组织id
        String orgIdentity = "";
        if (null != param && param.containsKey("orgIdentity")) {
            orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
            if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                orgIdentity = orgId;
            }
        } else {
            orgIdentity = orgId;
        }
        String authType = param.get("authType").toString();//权限类型
        String roleCode = param.get("roleCode").toString();// 角色CODE
        //根据角色code获得角色ID
        String roleId = getRoleIdByCode(roleCode, orgIdentity);
        if (null == roleId || "".equals(roleId)) {
            return "";
        }
        // 根据用户id查询节点信息SQL
        StringBuffer node_sql = new StringBuffer();
        node_sql.append("SELECT 1 ");
        node_sql.append(" FROM CBB_AUTH_RESOURCE CART ");
        node_sql.append(" WHERE CART.ORG_ID = '" + orgId + "' ");
        node_sql.append(" AND CART.SYS_ID = '" + sysId + "' ");
        node_sql.append(" AND CART.CODE = LDV.LANTOP_NODE_ID");
        if (authType.equals("A1")) {
            node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,%' ");
        } else if (authType.equals("A2")) {
            node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,1,%' ");
        } else if (authType.equals("A3")) {
            node_sql.append(" AND CART.OPERATE_AUTH LIKE '1,1,1,%' ");
        } else if (authType.equals("A4")) {
            node_sql.append(" AND CART.OPERATE_AUTH = '1,1,1,1' ");
        } else {
            node_sql.append(" AND CART.OPERATE_AUTH = '0,0,0,0' ");
        }
        // 角色维度
        node_sql.append(" AND (( ");
        node_sql.append("  	      CART.TARGET_TYPE = '1' ");
        node_sql.append("  	  AND CART.TARGET_ID = '" + roleId + "' ");
        node_sql.append("     )) ");
        return node_sql.toString();
    }


    /**
     * 浏览、下载全文权限验证伪代码，参考“档案利用初始权限表（普通型）”
     * 角色分为：公司领导、部门领导、专职档案人员、兼职档案人员、普通员工、外单位用户
     * 档案类型分为：文书、其他类、建设项目、生产产品与服务、科研开发、设备仪器、荣誉、印章、礼品纪念、其他、照片、视频、录音
     *
     * @param params 参数:数据ID，全文ID，组织ID,用户ID
     * @return 返回值MAP<是否通过验证 ， 原因>
     * @throws
     */
    public Map<String, Object> getAuth(Map<String, Object> params) {
        Map<String, Object> authMap = new HashMap();
        String reason = "";//原因
        String userId = params.get("userId").toString();
//        String authType = params.get("authType").toString(); //

//        String orgId = (String) params.get("orgId");
        String nodeId = (String) params.get("nodeId");
        String dataIds = (String) params.get("dataIds");
        String dataIdsSql = "'" + dataIds.replace(",", "','") + "'";
//        String targetId = (String) params.get("targetId");
        String userDept = ","+ params.get("userDept")+",";
        String userRoleCode = (String) params.get("userRoleCode");
        String orgCode = (String) params.get("orgCode");
        String tableId = (String) params.get("tableId");
//        String orgIdentity = "";
        // 是否查询 未删除/已删除 (Y/N) 附件信息
        String isYn = (String) params.get("isYn");


        // 数据节点下的附件
        StringBuffer sbSql2 = new StringBuffer();
        sbSql2.append("SELECT SA.ID, CDR.SECRET_LEVEL,CDR.ATTRIBUTE_03 FROM CBB_DOC_RELATION CDR");
        sbSql2.append(" LEFT JOIN SYS_ATTACHMENT SA ON SA.ID = CDR.ATTACHMENT_ID ");
        sbSql2.append(" WHERE RECORD_ID IN (" + dataIdsSql + ")");
        if ("Y".equals(isYn)) {
            sbSql2.append(" AND IF_DELETE = 'Y' ");
        } else {
            sbSql2.append(" AND IF_DELETE = 'N' ");
        }
        //--2019/8/14 xmw 防止附件记录被误删id为空的情况
        sbSql2.append(" AND SA.ID IS NOT NULL");
        sbSql2.append(" ORDER BY DECODE(ATTRIBUTE_03, 'ZW',1,'FJ',2,'CLD',3,'LZJL',4,'YG',5,'DG',6,'JHG',7,'CG',8,'QT',9,'JKXML',10,'GDXML',11,'RKXML',12,13) ASC,ATTRIBUTE_11 ASC");

        List<Map<String, Object>> list2 = this.jdbcAvicit.queryForMap(sbSql2.toString(), null);

        //获取档案类型
        String nodeName = "";   //档案节点名称
        String archiveDept = "";   //档案节点名称

        StringBuffer sbSql1 = new StringBuffer();
        sbSql1.append(" WITH t1 AS (");
        sbSql1.append(" SELECT T.*,SYS_CONNECT_BY_PATH ( T.ID, '/' ) PH  FROM ");
        sbSql1.append(" LANTOP_ARCHIVE_CLASS T CONNECT BY PRIOR T.ID = T.PARENT_ID START WITH T.PARENT_ID = 'ROOT'), ");
        sbSql1.append(" T2 AS ( SELECT lac.* FROM LANTOP_ARCHIVE_CLASS LAC WHERE lac.id = '" + nodeId + "' ) ");
        sbSql1.append(" SELECT t1.* FROM t1,t2 WHERE instr( t2.ARCHIVE_CLASS_NODE_PATH, t1.ph ) > 0 AND t1.ARCHIVE_TYPE = '2' ");

        List<Map<String, Object>> mapList = jdbcAvicit.getJdbcTemplate().queryForList(sbSql1.toString());
        if (mapList != null && mapList.size() > 0) {
            nodeName = mapList.get(0).get("ARCHIVE_CLASS_NODE_NAME").toString();
        }
        List<Map<String, Object>> mapList2 = jdbcAvicit.getJdbcTemplate().queryForList("SELECT TABLE_NAME FROM CBB_TABLES WHERE ID ='"+tableId+"'");
        String WSCLLX = "";
        if (mapList2!=null&&mapList2.size()>0){
            List<Map<String, Object>> mapList1 = jdbc.getJdbcTemplate().queryForList("SELECT * FROM  "+mapList2.get(0).get("TABLE_NAME")+" where  ID='" + dataIds + "' AND ARCHIVE_STATUS='3'");
            if (mapList1 != null && mapList1.size() > 0) {
                archiveDept = mapList1.get(0).get("ARCHIVE_DEPT")==null?"":mapList1.get(0).get("ARCHIVE_DEPT").toString();
                WSCLLX = mapList1.get(0).get("WSCLLX")==null?"":mapList1.get(0).get("WSCLLX").toString();
            }
        }
        //根据条目id获取条目数据//   (select table_name from CBB_TABLES where id='" + tableId + "')
        boolean skipExecuteCode = false; // SanXiaFiles create by zhaoxiaolong 是否跳过角色赋权代码
        String loginName = (String) params.get("loginName");
        if (loginName!=null&&!loginName.equals("")){
            loginName = loginName.toUpperCase();
        }
        if (list2 != null && list2.size() > 0) {
            for (Map<String, Object> map : list2) {
                if ("1".equals(userId)) {
                    authMap.put(map.get("ID").toString(), "1,1,1,1");
                    continue;
                }
                // SanXiaFiles create by zhaoxiaolong 统一检索校验当前数据是否为当前登录用户创建的数据，是，给予最高权限
                if (params!=null&&params.get("responseJumpFlag").equals("tyjs")){
                    StringBuffer searchTableSql = new StringBuffer();
                    searchTableSql.append("SELECT TABLE_NAME FROM CBB_TABLES WHERE ID='"+tableId+"'");
                    List<Map<String,Object>> tabDataList = this.jdbcAvicit.getJdbcTemplate().queryForList(searchTableSql.toString());
                    String tableName = "";
                    if(tabDataList!=null&&tabDataList.size()>0){
                        tableName = tabDataList.get(0).get("TABLE_NAME").toString();
                    }
                    StringBuffer searchDataSql = new StringBuffer();
                    searchDataSql.append("SELECT COUNT(1) COUNT FROM "+tableName+" WHERE ID = "+dataIdsSql);
                    if (tableName!=null&&tableName!=""){
                        if(tableName.indexOf("WJJ")!=-1||tableName.indexOf("WJ")!=-1){
                            searchDataSql.append(" AND CREATED_BY ='"+userId+"'"); // 文件级查询
                        }else { // 案卷级
                            searchDataSql.append(" AND ( CREATED_BY ='"+userId+"' OR ( UPPER(XMFZR) = '"+params.get("userName")+"#"+loginName+"' OR UPPER(XMFZR) = '"+params.get("userName")+"("+loginName+")' ) ) ");
                        }
                        List<Map<String,Object>> countList = this.jdbcAvicit.getJdbcTemplate().queryForList(searchDataSql.toString());
                        if (countList!=null&&countList.size()>0){
                            int count = Integer.valueOf(countList.get(0).get("COUNT").toString());
                            if (count>0){ // 证明此数据存在于表中，并且创建人或者是项目负责人属于当前登录用户的
                                authMap.put(map.get("ID").toString(), "1,1,1,1");
                                skipExecuteCode = true;
                                continue;
                            }
                        }
                    }
                }
                if (!skipExecuteCode){
                    String[] qwauth = {"1", "0", "0", "0"};
                    //如果是浏览
                    //档案密级分为 内部公开、内部特殊、内部敏感
                    if ("内部公开".equals(map.get("SECRET_LEVEL"))||"1".equals(map.get("SECRET_LEVEL"))) {
                        if ("文书".equals(nodeName)) {
                            if ("1".equals(WSCLLX) || "收文".equals(WSCLLX) || "2".equals(WSCLLX) || "发文".equals(WSCLLX)) { //如果是收发文
                                if ("ZW".equals(map.get("ATTRIBUTE_03"))||"FJ".equals(map.get("ATTRIBUTE_03"))||"QT".equals(map.get("ATTRIBUTE_03"))) {
                                    if (userRoleCode.equals(orgCode + "_Sanxia_Manager_ROLE")) {
                                        //专职档案人员
                                        qwauth[1] = "1";
                                        qwauth[3] = "1";
                                    } else if (userRoleCode.equals(orgCode + "_Company_Leaders_ROLE")) {
                                        //如果是公司领导
                                        qwauth[1] = "1";
                                        qwauth[3] = "1";
                                    } else if (userRoleCode.equals(orgCode + "_Dept_Leader_ROLE")) {
                                        //部门领导
                                        if (userDept.contains(","+archiveDept+",")) {
                                            qwauth[3] = "1";
                                            qwauth[1] = "1";
                                        } else {
                                            qwauth[1] = "0";
                                            qwauth[3] = "0";
                                        }
                                    } else if (userRoleCode.equals(orgCode + "_Parttime_Manager_ROLE")) {
                                        //兼职档案人员
                                        if (userDept.contains(","+archiveDept+","))  {
                                            qwauth[3] = "1";
                                            qwauth[1] = "1";
                                        } else {
                                            qwauth[1] = "0";
                                            qwauth[3] = "0";
                                        }
                                    } else if (userRoleCode.equals(orgCode + "_Comm_User_ROLE")) {
                                        //一般用户
                                        if (userDept.contains(","+archiveDept+","))  {
                                            qwauth[3] = "1";
                                            qwauth[1] = "1";
                                        } else {
                                            qwauth[1] = "0";
                                            qwauth[3] = "0";
                                        }
                                    } else if (userRoleCode.equals(orgCode + "_Other_User_ROLE")) {
                                        //外单位用户
                                        qwauth[1] = "0";
                                        qwauth[3] = "0";
                                    } else {
                                        qwauth[1] = "0";
                                        qwauth[3] = "0";
                                    }
                                } else if ("CLD".equals(map.get("ATTRIBUTE_03"))) {
                                    if (userRoleCode.equals(orgCode + "_Sanxia_Manager_ROLE")) {
                                        //专职档案人员
                                        qwauth[1] = "1";
                                    } else if (userRoleCode.equals(orgCode + "_Company_Leaders_ROLE")) {
                                        //如果是公司领导
                                        qwauth[1] = "1";
                                    } else if (userRoleCode.equals(orgCode + "_Dept_Leader_ROLE")) {
                                        //部门领导
                                        if (userDept.contains(","+archiveDept+","))  {
                                            qwauth[1] = "1";
                                            qwauth[3] = "1";
                                        } else {
                                            qwauth[1] = "0";
                                            qwauth[3] = "0";
                                        }
                                    } else if (userRoleCode.equals(orgCode + "_Parttime_Manager_ROLE")) {
                                        //兼职档案人员
                                        if (userDept.contains(","+archiveDept+","))  {
                                            qwauth[1] = "1";
                                            qwauth[3] = "1";
                                        } else {
                                            qwauth[1] = "0";
                                            qwauth[3] = "0";
                                        }
                                    } else if (userRoleCode.equals(orgCode + "_Comm_User_ROLE")) {
                                        qwauth[1] = "0";
                                        qwauth[3] = "0";
                                        //一般用户
                                    } else if (userRoleCode.equals(orgCode + "_Other_User_ROLE")) {
                                        qwauth[1] = "0";
                                        qwauth[3] = "0";
                                        //外单位用户
                                    } else {
                                        qwauth[1] = "0";
                                        qwauth[3] = "0";
                                    }
                                } else {
                                    qwauth[1] = "0";
                                    qwauth[3] = "0";
//                                    reason = "此附件稿本类型全文还未开放，请联系管理员！";
                                }
                            } else if ("3".equals(WSCLLX) || "签报".equals(WSCLLX)) {//文书处理类型是签报
                                if (userRoleCode.equals(orgCode + "_Sanxia_Manager_ROLE")) {
                                    //专职档案人员
                                    qwauth[1] = "1";
                                    qwauth[3] = "1";
                                } else if (userRoleCode.equals(orgCode + "_Company_Leaders_ROLE")) {
                                    //如果是公司领导
                                    qwauth[1] = "1";
                                    qwauth[3] = "1";
                                } else if (userRoleCode.equals(orgCode + "_Dept_Leader_ROLE")) {
                                    //部门领导
                                    if (userDept.contains(","+archiveDept+","))  {
                                        qwauth[1] = "1";
                                        qwauth[3] = "1";
                                    } else {
                                        qwauth[1] = "0";
                                        qwauth[3] = "0";
                                    }
                                } else if (userRoleCode.equals(orgCode + "_Parttime_Manager_ROLE")) {
                                    //兼职档案人员
                                    if (userDept.contains(","+archiveDept+","))  {
                                        qwauth[1] = "1";
                                        qwauth[3] = "1";
                                    } else {
                                        qwauth[1] = "0";
                                        qwauth[3] = "0";
                                    }
                                } else if (userRoleCode.equals(orgCode + "_Comm_User_ROLE")) {
                                    //一般用户
                                    qwauth[1] = "0";
                                    qwauth[3] = "0";
                                } else if (userRoleCode.equals(orgCode + "_Other_User_ROLE")) {
                                    //外单位用户
                                    qwauth[1] = "0";
                                    qwauth[3] = "0";
                                } else {
                                    qwauth[1] = "0";
                                    qwauth[3] = "0";
                                }
                            } else {
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            }
                        } else if ("其他类".equals(nodeName)) {
                            if (userRoleCode.equals(orgCode + "_Sanxia_Manager_ROLE")) {
                                //专职档案人员
                                qwauth[1] = "1";
                                qwauth[3] = "1";
                            } else if (userRoleCode.equals(orgCode + "_Company_Leaders_ROLE")) {
                                //如果是公司领导
                                qwauth[1] = "1";
                                qwauth[3] = "1";
                            } else if (userRoleCode.equals(orgCode + "_Dept_Leader_ROLE")) {
                                //部门领导
                                if (userDept.contains(","+archiveDept+","))  {
                                    qwauth[1] = "1";
                                    qwauth[3] = "1";
                                } else {
                                    qwauth[1] = "0";
                                    qwauth[3] = "0";
                                }
                            } else if (userRoleCode.equals(orgCode + "_Parttime_Manager_ROLE")) {
                                //兼职档案人员
                                if (userDept.contains(","+archiveDept+","))  {
                                    qwauth[1] = "1";
                                    qwauth[3] = "1";
                                } else {
                                    qwauth[1] = "0";
                                    qwauth[3] = "0";
                                }
                            } else if (userRoleCode.equals(orgCode + "_Comm_User_ROLE")) {
                                //一般用户
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            } else if (userRoleCode.equals(orgCode + "_Other_User_ROLE")) {
                                //外单位用户
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            } else {
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            }
                        } else if ("建设项目".equals(nodeName) || "生产产品与服务".equals(nodeName) || "科研开发".equals(nodeName) || "设备仪器".equals(nodeName)) {
                            if (userRoleCode.equals(orgCode + "_Sanxia_Manager_ROLE")) {
                                //专职档案人员
                                qwauth[1] = "1";
                                qwauth[3] = "1";
                            } else if (userRoleCode.equals(orgCode + "_Company_Leaders_ROLE")) {
                                //如果是公司领导
                                qwauth[1] = "1";
                                qwauth[3] = "1";
                            } else if (userRoleCode.equals(orgCode + "_Dept_Leader_ROLE")) {
                                //部门领导
                                if (userDept.contains(","+archiveDept+","))  {
                                    qwauth[1] = "1";
                                    qwauth[3] = "1";
                                } else {
                                    qwauth[1] = "0";
                                    qwauth[3] = "0";
                                }
                            } else if (userRoleCode.equals(orgCode + "_Parttime_Manager_ROLE")) {
                                //兼职档案人员
                                if (userDept.contains(","+archiveDept+","))  {
                                    qwauth[1] = "1";
                                    qwauth[3] = "1";
                                } else {
                                    qwauth[1] = "0";
                                    qwauth[3] = "0";
                                }
                            } else if (userRoleCode.equals(orgCode + "_Comm_User_ROLE")) {
                                //一般用户
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            } else if (userRoleCode.equals(orgCode + "_Other_User_ROLE")) {
                                //外单位用户
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            } else {
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            }
                        } else if ("荣誉".equals(nodeName)) {
                            if (userRoleCode.equals(orgCode + "_Sanxia_Manager_ROLE")) {
                                //专职档案人员
                                qwauth[1] = "1";
                                qwauth[3] = "1";
                            } else if (userRoleCode.equals(orgCode + "_Company_Leaders_ROLE")) {
                                //如果是公司领导
                                qwauth[1] = "1";
                                qwauth[3] = "1";
                            } else if (userRoleCode.equals(orgCode + "_Dept_Leader_ROLE")) {
                                //部门领导
                                if (userDept.contains(","+archiveDept+","))  {
                                    qwauth[1] = "1";
                                    qwauth[3] = "1";
                                } else {
                                    qwauth[1] = "0";
                                    qwauth[3] = "0";
                                }
                            } else if (userRoleCode.equals(orgCode + "_Parttime_Manager_ROLE")) {
                                //兼职档案人员
                                if (userDept.contains(","+archiveDept+","))  {
                                    qwauth[1] = "1";
                                    qwauth[3] = "1";
                                } else {
                                    qwauth[1] = "0";
                                    qwauth[3] = "0";
                                }
                            } else if (userRoleCode.equals(orgCode + "_Comm_User_ROLE")) {
                                //一般用户
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            } else if (userRoleCode.equals(orgCode + "_Other_User_ROLE")) {
                                //外单位用户
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            } else {
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            }
                        } else if ("印章".equals(nodeName)) {
                            if (userRoleCode.equals(orgCode + "_Sanxia_Manager_ROLE")) {
                                //专职档案人员
                                qwauth[1] = "1";
                                qwauth[3] = "1";
                            } else if (userRoleCode.equals(orgCode + "_Company_Leaders_ROLE")) {
                                //如果是公司领导
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            } else if (userRoleCode.equals(orgCode + "_Dept_Leader_ROLE")) {
                                //部门领导
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            } else if (userRoleCode.equals(orgCode + "_Parttime_Manager_ROLE")) {
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                                //兼职档案人员
                            } else if (userRoleCode.equals(orgCode + "_Comm_User_ROLE")) {
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                                //一般用户
                            } else if (userRoleCode.equals(orgCode + "_Other_User_ROLE")) {
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                                //外单位用户
                            } else {
                                qwauth[1] = "0";
                                qwauth[3] = "0";
//                                        reason = "当前登录人角色还未开放，请联系管理员！";
                            }
                        } else if ("礼品纪念品".equals(nodeName) || "其他".equals(nodeName)) {
                            if (userRoleCode.equals(orgCode + "_Sanxia_Manager_ROLE,")) {
                                //专职档案人员
                                qwauth[1] = "1";
                                qwauth[3] = "1";
                            } else if (userRoleCode.equals(orgCode + "_Company_Leaders_ROLE")) {
                                //如果是公司领导
                                qwauth[1] = "1";
                                qwauth[3] = "1";
                            } else if (userRoleCode.equals(orgCode + "_Dept_Leader_ROLE")) {
                                //部门领导
                                if (userDept.contains(","+archiveDept+","))  {
                                    qwauth[1] = "1";
                                    qwauth[3] = "1";
                                } else {
                                    qwauth[1] = "0";
                                    qwauth[3] = "0";
                                }
                            } else if (userRoleCode.equals(orgCode + "_Parttime_Manager_ROLE")) {
                                //兼职档案人员
                                if (userDept.contains(","+archiveDept+","))  {
                                    qwauth[1] = "1";
                                    qwauth[3] = "1";
                                } else {
                                    qwauth[1] = "0";
                                    qwauth[3] = "0";
                                }
                            } else if (userRoleCode.equals(orgCode + "_Comm_User_ROLE")) {
                                //一般用户
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            } else if (userRoleCode.equals(orgCode + "_Other_User_ROLE")) {
                                //外单位用户
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            } else {
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                            }
                        } else if ("照片".equals(nodeName) || "视频".equals(nodeName) || "录音".equals(nodeName)) {
                            if (userRoleCode.equals(orgCode + "_Sanxia_Manager_ROLE")) {
                                //专职档案人员
                                qwauth[1] = "1";
                                qwauth[3] = "1";
                            } else if (userRoleCode.equals(orgCode + "_Company_Leaders_ROLE")) {
                                //如果是公司领导
                                qwauth[1] = "1";
                                qwauth[3] = "0";
                            } else if (userRoleCode.equals(orgCode + "_Dept_Leader_ROLE")) {
                                //部门领导
                                if (userDept.contains(","+archiveDept+","))  {
                                    qwauth[1] = "1";
                                } else {
                                    qwauth[1] = "0";
                                }
                                qwauth[3] = "0";
                            } else if (userRoleCode.equals(orgCode + "_Parttime_Manager_ROLE")) {
                                if (userDept.contains(","+archiveDept+","))  {
                                    qwauth[1] = "1";
                                } else {
                                    qwauth[1] = "0";
                                }
                                qwauth[3] = "0";
                                //兼职档案人员
                            } else if (userRoleCode.equals(orgCode + "_Comm_User_ROLE")) {
                                if (userDept.contains(","+archiveDept+","))  {
                                    qwauth[1] = "1";
                                } else {
                                    qwauth[1] = "0";
                                }
                                qwauth[3] = "0";
                                //一般用户
                            } else if (userRoleCode.equals(orgCode + "_Other_User_ROLE")) {
                                qwauth[1] = "0";
                                qwauth[3] = "0";
                                //外单位用户
                            } else {
                                qwauth[1] = "0";
                                qwauth[3] = "0";
//                          reason = "当前登录人角色还未开放，请联系管理员！";
                            }
                        } else {
                            //返回false，给予提示：此类型全文还未开放，请联系管理员
                            qwauth[1] = "0";
                        }
                    } else if ("内部特殊".equals(map.get("SECRET_LEVEL"))) {
                        if (userRoleCode.equals(orgCode + "_Sanxia_Manager_ROLE")) {
                            qwauth[1] = "1";
                            qwauth[3] = "1";
                        } else {
                            qwauth[1] = "0";
                            qwauth[3] = "0";
                        }
                    } else if ("内部敏感".equals(map.get("SECRET_LEVEL"))) {
                        if (userRoleCode.equals(orgCode + "_Sanxia_Manager_ROLE")) {
                            qwauth[1] = "1";
                            qwauth[3] = "1";
                        } else {
                            qwauth[1] = "0";
                            qwauth[3] = "0";
                        }
                    } else {
                        //返回flase。给予提示：此密级全文还未开放，请联系管理员
                        qwauth[1] = "0";
                        qwauth[3] = "0";
                    }
                    authMap.put(map.get("ID").toString(), StringUtils.join(qwauth,","));
                }

            }
        }
//        authMap.put(auth, reason);
        return authMap;
    }


    public Boolean isArciveType(String userId, String nodeId, String orgId) {
        //文书、其他类、建设项目、生产产品与服务、科研开发、设备仪器、荣誉、印章、礼品纪念、其他、照片、视频、录音
        String archiveTypeStr = "文书,其他类,建设项目,生产产品与服务,科研开发,设备仪器,荣誉,印章,礼品纪念品,其他,照片,视频,录音";
        Boolean isArchiveType = false;
        List<Map<String, Object>> mapList = jdbcAvicit.getJdbcTemplate().queryForList("WITH t1 AS (\n" +
                "\tSELECT\n" +
                "\t\tT.*,\n" +
                "\t\tSYS_CONNECT_BY_PATH ( T.ID, '/' ) PH \n" +
                "\tFROM\n" +
                "\t\tLANTOP_ARCHIVE_CLASS T CONNECT BY PRIOR T.ID = T.PARENT_ID START WITH T.PARENT_ID = 'ROOT' \n" +
                "\t),\n" +
                "\tT2 AS ( SELECT lac.* FROM LANTOP_ARCHIVE_CLASS LAC WHERE lac.id = '" + nodeId + "' ) SELECT\n" +
                "\tt1.* \n" +
                "FROM\n" +
                "\tt1,\n" +
                "\tt2 \n" +
                "WHERE\n" +
                "\tinstr( t2.ARCHIVE_CLASS_NODE_PATH, t1.ph ) > 0 \n" +
                "\tAND t1.ARCHIVE_TYPE = '2'");
        if (mapList != null && mapList.size() > 0) {
            String nodeName = mapList.get(0).get("ARCHIVE_CLASS_NODE_NAME").toString();
            if ((archiveTypeStr + ",").contains(nodeName + ",")) {
                isArchiveType = true;
            }
        }


        return isArchiveType;
    }

    @Autowired
    private ArchiveManagerHomeService archiveManagerHomeService;


    public Map<String, Object> isRole(String userId, String orgCode, String orgId) {
        Boolean isRole = false;
        Map<String, Object> resultMap = new HashMap<>();

        List<Map<String, Object>> roleCodeByUserIdAndOrgId = archiveManagerHomeService.getRoleCodeByUserIdAndOrgId(userId, orgId);
        
        // SanXiaFiles create by zhaoxiaolong 多角色或单角色情况下根据角色维度来区分不同的权限，1：一般用户或者外部全宗用户 2：公司领导/兼职/部门领导 3：专职/档案机构负责人/档案机构分管领导
        // RoleDimension 角色维度
        if(roleCodeByUserIdAndOrgId!=null&&roleCodeByUserIdAndOrgId.size()>0){
            for (Map<String,Object> roleCodeMap : roleCodeByUserIdAndOrgId){
                String roleCode = (String) roleCodeMap.get("ROLE_CODE"); // 角色编码
                if (!"".equals(roleCode)) {
                    if (roleCode.equals(orgCode + "_Company_Leaders_ROLE")||roleCode.equals(orgCode + "_Sanxia_Manager_ROLE")||roleCode.equals(orgCode + "_Sanxia_Manager_Leader_ROLE")||roleCode.equals(orgCode + "_Archival_Dept_Leader_ROLE")) {
                        roleCodeMap.put("RoleDimension","4");
                        roleCodeMap.put("ROLE_CODE",orgCode + "_Sanxia_Manager_ROLE"); // 默认专职
                    } else if (roleCode.equals(orgCode + "_Dept_Leader_ROLE")||roleCode.equals(orgCode + "_Parttime_Manager_ROLE")) {
                        roleCodeMap.put("RoleDimension","3");
                        roleCodeMap.put("ROLE_CODE",orgCode + "_Parttime_Manager_ROLE"); // 默认兼职
                    } else if (roleCode.equals(orgCode + "_Custom_Auth_ROLE")) {
                        roleCodeMap.put("RoleDimension","2");
                        roleCodeMap.put("ROLE_CODE",orgCode + "_Custom_Auth_ROLE"); // 默认自定义权限用户
                    } else if (roleCode.equals(orgCode + "_Comm_User_ROLE")||roleCode.equals(orgCode + "_Other_User_ROLE")) {
                        roleCodeMap.put("RoleDimension","1");
                        roleCodeMap.put("ROLE_CODE",orgCode + "_Comm_User_ROLE"); // 默认一般用户
                    }else { // 其他角色，如三元角色，默认一般用户
                        roleCodeMap.put("RoleDimension","1");
                        roleCodeMap.put("ROLE_CODE",orgCode+"_Comm_User_ROLE");
                    }
                }
            }
            // 根据RoleDimension维度进行排序，从大到小
            Collections.sort(roleCodeByUserIdAndOrgId, new Comparator<Map<String, Object>>() {
                public int compare(Map<String, Object> o1, Map<String, Object> o2) {
                    Integer name1 = Integer.valueOf(o1.get("RoleDimension").toString()) ;
                    Integer name2 = Integer.valueOf(o2.get("RoleDimension").toString()) ;
                    return name2.compareTo(name1);
                }
            });
            // 获取最大的角色权限
            isRole = true;
            String roleCode = roleCodeByUserIdAndOrgId.get(0).get("ROLE_CODE").toString();
            resultMap.put("isRole", isRole);
            resultMap.put("userRoleCode", roleCode);
        }else {
            resultMap.put("isRole", false);
            resultMap.put("userRoleCode", "");
        }
        if ("1".equals(userId)){ // 平台管理员的特殊情况
            resultMap.put("isRole", true);
            resultMap.put("userRoleCode", orgCode + "_Sanxia_Manager_ROLE");
        }
        return resultMap;
    }




    /**
	 * @Description:  根据用户ID 获得所属部门   不同维度 有权限的节点
	 * @author youyu   
	 * @date 2019-9-10 下午2:55:22 
	 * @param param
	 * 				key            value 
	 * 				sysId          系统ID
	 * 				orgId          组织ID
	 * 				deptId         部门Id
	 * 				orgIdentity    组织应用ID
	 * 				authType       权限类型（对应通用代码：A1(条目浏览)，A2（全文浏览）,A3（全文打印）,A4（全文下载））
	 * @return
	 * @throws Exception
	 * @version 1.0
	 */
	public List<String> getNodeListToDeptByUserId(Map<String, Object> param) throws Exception{
        String orgId = (String) param.get("orgId");
        String sysId = (String) param.get("sysId");
        String deptId = (String) param.get("deptId");
        String orgIdentity = "";
        if (null != param && param.containsKey("orgIdentity")) {
            orgIdentity = (String) param.get("orgIdentity"); // 组织应用ID
            if (null == orgIdentity || "".equals(orgIdentity) || !"null".equals(orgIdentity)) {
                orgIdentity = orgId;
            }
        } else {
            orgIdentity = orgId;
        }
        String targetId = (String) param.get("targetId");
        StringBuffer sbSql = new StringBuffer();
        sbSql.append("WITH T1 AS ");
        sbSql.append(" (SELECT LAC.ORG_ID, ");
        sbSql.append("         LAC.DEPT_ID, ");
        sbSql.append("         LAC.SYS_ID, ");
        sbSql.append("         LAC.ARCHIVE_CLASS_NODE_NAME, ");
        sbSql.append("         LAC.ARCHIVE_CLASS_NODE_TYPE, ");
        sbSql.append("         LAC.ID, ");
        sbSql.append("         LAC.PARENT_ID, ");
        sbSql.append("         CARU.ID                     AS CBB_AUTH_RESOURCE_ID, ");
        sbSql.append("         CARU.AUTH_SERVICE_ID, ");
        sbSql.append("         CARU.TARGET_TYPE, ");
        sbSql.append("         CARU.TARGET_ID, ");
        sbSql.append("         CARU.CODE                   AS RES_CODE, ");
        sbSql.append("         CARU.NAME                   AS RES_NAME, ");
        sbSql.append("         CARU.ACTION_TYPE, ");
        sbSql.append("         CARU.OPERATE_AUTH, ");
        sbSql.append("         LAC.ARCHIVE_TYPE, ");
        sbSql.append("         CARU.REL_TARGET_ID, ");
        sbSql.append("         CARU.REL_TARGET_NAME ");
        sbSql.append("    FROM LANTOP_ARCHIVE_CLASS LAC ");
        sbSql.append("    LEFT JOIN (SELECT CART.ID, ");
        sbSql.append("                     CART.AUTH_SERVICE_ID, ");
        sbSql.append("                     CART.TARGET_TYPE, ");
        sbSql.append("                     CART.TARGET_ID, ");
        sbSql.append("                     CART.CODE, ");
        sbSql.append("                     CART.NAME, ");
        sbSql.append("                     CART.ACTION_TYPE, ");
        sbSql.append("                     CART.OPERATE_AUTH, ");
        sbSql.append("                     LUASE.REL_TARGET_ID, ");
        sbSql.append("                     LUASE.REL_TARGET_NAME ");
        sbSql.append("                FROM CBB_AUTH_RESOURCE CART ");
        sbSql.append("                LEFT JOIN LANTOP_USER_AUTH_SET_EXTEND LUASE ");
        sbSql.append("                  ON CART.ID = LUASE.CBB_AUTH_RESOURCE_ID ");
        sbSql.append("                 WHERE ( ");
        // 部门维度
        sbSql.append("  ( ");
        sbSql.append("  	  CART.TARGET_TYPE = '2' ");
        sbSql.append("  	AND EXISTS(");
        sbSql.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        sbSql.append("                   WHERE T.DEPT_ID = CART.TARGET_ID  ");
        sbSql.append("     				AND T.USER_ID = '" + targetId + "'");
        sbSql.append("                  AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSql.append("                  AND T.dept_id = '" + deptId + "'");
        sbSql.append("     		  ) ");
        sbSql.append("     ) ");
        sbSql.append("    ) ");
        sbSql.append("                 AND CART.ORG_ID = '" + orgId + "' ");
        sbSql.append("                 AND CART.SYS_ID = '" + sysId + "' ");
        sbSql.append("                 AND CART.AUTH_SERVICE_ID = 'LANTOP_AUTH_SERVER_USERSET' ");
        sbSql.append("                 ) CARU ");
        sbSql.append("      ON LAC.ID = CARU.CODE ");
        sbSql.append("   WHERE LAC.ORG_ID = '" + orgId + "' ");
        sbSql.append("     AND LAC.SYS_ID = '" + sysId + "' ");
        sbSql.append("     AND LAC.ARCHIVE_CLASS_NODE_CODE NOT IN ('BMWJ', 'GRWJ') ");
        sbSql.append(" AND NOT EXISTS ( SELECT T.ID FROM LANTOP_ARCHIVE_CLASS T WHERE T.ID = LAC.ID AND T.ARCHIVE_TYPE = '10' )");
        sbSql.append(" ) ");
        StringBuffer sbSqlSec = new StringBuffer();
        // 2015-12-28，修改内容：没有给该节点授条目浏览权限，但条目权限配置中设置了可以看到该节点下的某些数据，之前实现看不到该节点，这里做了修改
        sbSqlSec.append("SELECT distinct(NODE_ID) IDS");
        sbSqlSec.append("  FROM (SELECT ID NODE_ID ");
        sbSqlSec.append("          FROM T1 ");
        sbSqlSec.append("         START WITH OPERATE_AUTH LIKE '1,%' ");
        sbSqlSec.append("        CONNECT BY PRIOR PARENT_ID = ID ");
        sbSqlSec.append("        UNION ALL ");
        sbSqlSec.append("        SELECT LUAED.ARCHIVE_CLASS_ID NODE_ID ");
        sbSqlSec.append("          FROM LANTOP_USER_AUTH_EXTEND_DATA LUAED");
        sbSqlSec.append(" WHERE LUAED.ORG_ID = '" + orgId + "'");
        sbSqlSec.append("  AND LUAED.SYS_ID = '" + sysId + "'");
        sbSqlSec.append("  AND (LUAED.START_DATE <=");
        sbSqlSec.append("      to_date(to_char(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR");
        sbSqlSec.append("      LUAED.START_DATE IS NULL)");
        sbSqlSec.append("  AND (LUAED.END_DATE >=");
        sbSqlSec.append("      to_date(to_char(SYSDATE, 'yyyy-mm-dd'), 'yyyy-mm-dd') OR");
        sbSqlSec.append("      LUAED.END_DATE IS NULL)");
        // 用户维度
        sbSqlSec.append("  AND (");
        // 部门维度
        sbSqlSec.append("  (");
        sbSqlSec.append("  	  LUAED.TARGET_TYPE = '2' ");
        sbSqlSec.append("  	AND EXISTS (");
        sbSqlSec.append("     			SELECT DEPT_ID FROM BPM_DEF_USER_DEPT_POSITION_V T ");
        sbSqlSec.append("                   WHERE T.DEPT_ID = LUAED.TARGET_ID  ");
        sbSqlSec.append("     				AND T.USER_ID = '" + targetId + "'");
        sbSqlSec.append("                   AND T.ORG_IDENTITY = '" + orgIdentity + "'");
        sbSqlSec.append("                   AND T.dept_id = '" + deptId + "'");
        sbSqlSec.append("     		  ) ");
        sbSqlSec.append("     )");
        sbSqlSec.append("     		  )) ");
        List<String> list = new ArrayList<String>();
        list.add(sbSql.toString());
        list.add(sbSqlSec.toString());
        return list;
    }
    /**
     * 判断当前用户是否有处理单权限
     * @MethodName: 公司领导和专职档案人员以及档案机构负责人，档案机构分管领导可以浏览和下载本单位处理单，部门领导和兼职档案人员只能浏览和下载本部门的处理单
     * @param userId  用户id
     * @param orgCode  全总编码
     * @param orgId  全总id
     * @Return: java.lang.String
     * @Author: 无量
     * @Date: 2019/12/10 14:04
     */
    @Override
    public String authForCLD(String userId, String orgCode, String orgId) {
        String isHavaAuth="0";
        StringBuffer sbSql =new StringBuffer();
        sbSql.append("SELECT (SELECT ROLE_CODE FROM SYS_ROLE WHERE ID=SUR.SYS_ROLE_ID) ROLE_CODE  ");
        sbSql.append(" FROM SYS_USER_ROLE SUR WHERE SUR.SYS_USER_ID='");
        sbSql.append(userId);
        sbSql.append("' AND  SUR.ORG_IDENTITY='"+orgId+"'");
        List<Map<String, Object>> list = this.jdbcAvicit.getJdbcTemplate().queryForList(sbSql.toString());
        if (list.size()>0){
            for (int i = 0; i < list.size(); i++) {
                Map<String, Object> objectMap = list.get(i);
                String roleCode = (String) objectMap.get("ROLE_CODE"); // 角色编码
                if (roleCode.equals(orgCode+"_Company_Leaders_ROLE")||roleCode.equals(orgCode+"_Sanxia_Manager_ROLE")||roleCode.equals(orgCode+"_Sanxia_Manager_Leader_ROLE")||roleCode.equals(orgCode+"_Archival_Dept_Leader_ROLE")){//公司领导或者专职档案人员或档案机构负责人，档案机构分管领导
                    isHavaAuth="1";
                    return isHavaAuth;
                }else if (roleCode.equals(orgCode+"_Parttime_Manager_ROLE")||roleCode.equals(orgCode+"_Dept_Leader_ROLE")){//兼职档案人员和部门领导
                    isHavaAuth="2";
                    return isHavaAuth;
                }
            }
        }
        return isHavaAuth;
    }

}
